patch 7.4.1777

Problem:    Newly added features can escape the sandbox.
Solution:   Add checks for restricted and secure. (Yasuhiro Matsumoto)

diff --git a/src/eval.c b/src/eval.c
index e7712916e8d83664d11ae1de32b6f5fca20f5e4f..146348dd803391c930b5b5e4077fcf3d5511bee5 100644 (file)
--- a/src/eval.c
+++ b/src/eval.c
@@ -10408,6 +10408,8 @@ f_ch_logfile(typval_T *argvars, typval_T *rettv UNUSED)
 f_ch_open(typval_T *argvars, typval_T *rettv)
 {
     rettv->v_type = VAR_CHANNEL;
+    if (check_restricted() || check_secure())
+       return;
     rettv->vval.v_channel = channel_open_func(argvars);
 }
 
@@ -15078,6 +15080,8 @@ f_job_setoptions(typval_T *argvars, typval_T *rettv UNUSED)
 f_job_start(typval_T *argvars, typval_T *rettv)
 {
     rettv->v_type = VAR_JOB;
+    if (check_restricted() || check_secure())
+       return;
     rettv->vval.v_job = job_start(argvars);
 }
 
@@ -16821,8 +16825,6 @@ check_connection(void)
 #endif
 
 #ifdef FEAT_CLIENTSERVER
-static void remote_common(typval_T *argvars, typval_T *rettv, int expr);
-
     static void
 remote_common(typval_T *argvars, typval_T *rettv, int expr)
 {
@@ -20683,6 +20685,8 @@ f_timer_start(typval_T *argvars, typval_T *rettv)
     char_u  *callback;
     dict_T  *dict;
 
+    if (check_secure())
+       return;
     if (argvars[2].v_type != VAR_UNKNOWN)
     {
        if (argvars[2].v_type != VAR_DICT

diff --git a/src/version.c b/src/version.c
index 1c35576b0997c70b95d96f061365b7a62ac079b9..34b5f4c0c70a923ee0104a246324f0dcebdff280 100644 (file)
--- a/src/version.c
+++ b/src/version.c
@@ -753,6 +753,8 @@ static char *(features[]) =
 
 static int included_patches[] =
 {   /* Add new patch number below this line */
+/**/
+    1777,
 /**/
     1776,
 /**/