From e7e35b9e3866abcbb33eec789c85636671c86440 Mon Sep 17 00:00:00 2001 From: Christian Brabandt Date: Wed, 29 Apr 2026 21:17:11 +0000 Subject: [PATCH] runtime(doc): clarify that viminfo file should be trusted Signed-off-by: Christian Brabandt --- runtime/doc/options.txt | 8 ++++++++ runtime/doc/starting.txt | 20 +++++++++++++++++++- 2 files changed, 27 insertions(+), 1 deletion(-) diff --git a/runtime/doc/options.txt b/runtime/doc/options.txt index e994d2901e..3576e174b7 100644 --- a/runtime/doc/options.txt +++ b/runtime/doc/options.txt @@ -10041,6 +10041,14 @@ A jump table for the options with a short description can be found at |Q_op|. letter. Thus "KEEPTHIS and "K_L_M" are stored, but "KeepThis" and "_K_L_M" are not. Nested List and Dict items may not be read back correctly, you end up with an empty item. + + Restoring |List|, |Dictionary| and |Tuple| variables is done by + parsing their textual form with the Vim expression evaluator. + Reading a viminfo file with "!" enabled is therefore only safe + when the file is trusted. In particular, do not enable "!" + before reading a viminfo file you obtained from another user, + downloaded, or that is writable by another account. See + also |viminfo-security|. *viminfo-quote* " Maximum number of lines saved for each register. Old name of the '<' item, with the disadvantage that you need to put a diff --git a/runtime/doc/starting.txt b/runtime/doc/starting.txt index 46a47b7e2b..816849fb9c 100644 --- a/runtime/doc/starting.txt +++ b/runtime/doc/starting.txt @@ -1,4 +1,4 @@ -*starting.txt* For Vim version 9.2. Last change: 2026 Mar 17 +*starting.txt* For Vim version 9.2. Last change: 2026 Apr 29 VIM REFERENCE MANUAL by Bram Moolenaar 
@@ -1573,6 +1573,24 @@ Session. You could have several Session files, one for each project you are working on. Viminfo and Session files together can be used to effectively enter Vim and directly start working in your desired setup. |session-file| + *viminfo-security* +A viminfo file written by Vim is plain text and contains Vim expressions for +|List|, |Dictionary| and |Tuple| values. When "!" is in 'viminfo' at the time +Vim processes the file as a viminfo file, those expressions are evaluated. + +The default value of 'viminfo' does not include "!", so by default no +expression evaluation happens. + +Opening a viminfo file in a buffer (e.g. with |:edit|) is harmless; Vim only +displays the file contents. The risk is letting Vim process an untrusted file +through the viminfo machinery, which happens when: +- |:rviminfo| is used on the file, or +- 'viminfofile' is set to point at it, or +- the file is placed at the path Vim already reads as viminfo + |viminfo-file-name| + +In any of those cases, do not have "!" in 'viminfo' if you do not trust it. + *viminfo-read* When Vim is started and the 'viminfo' option is non-empty, the contents of the viminfo file are read and the info can be used in the appropriate places. -- 2.47.3
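Review bot: In the runtime/doc/options.txt hunk, the advice is phrased as "do not enable "!" before reading a viminfo file", which only addresses users who are about to turn the flag on. Someone who already has "!" in 'viminfo' needs to remove it first, and the starting.txt text added in the same patch words this as "do not have "!" in 'viminfo'", which covers both situations. Consider using the same wording here. The list "you obtained from another user, downloaded, or that is writable by another account" is also not parallel; something like "a viminfo file that came from another user, was downloaded, or is writable by another account" reads more cleanly.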
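Review bot: In the *viminfo-security* hunk of runtime/doc/starting.txt, the closing sentence "do not have "!" in 'viminfo' if you do not trust it" has no clear antecedent for "it", because the nearest nouns after the three-item list are 'viminfo' and the path. Suggest "if you do not trust the file". The third bullet ends with a bare |viminfo-file-name| tag; "see |viminfo-file-name|" would match the "See also |viminfo-security|" style used in the options.txt hunk. The options.txt hunk also names a file "writable by another account" as untrusted, and that is the case most relevant to the third bullet (a file at the default path that someone else can modify), so it is worth naming in this section too, so that the two help sections agree.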