To: vim-dev@vim.org Subject: Patch 5.7.024 Fcc: outbox From: Bram Moolenaar ------------ Patch 5.7.024 Problem: Evaluating an expression for 'statusline' can have side effects. Solution: Evaluate the expression in a sandbox. Files: src/edit.c, src/eval.c, src/proto/eval.pro, src/ex_cmds.c, src/ex_cmds.h, src/ex_docmd.c, src/globals.h, src/option.c, src/screen.c, src/undo.c *** ../vim-5.7.23/src/edit.c Sat Jun 17 21:32:18 2000 --- src/edit.c Mon Jan 29 20:32:55 2001 *************** *** 222,227 **** --- 222,236 ---- * error message */ check_for_delay(TRUE); + #ifdef HAVE_SANDBOX + /* Don't allow inserting in the sandbox. */ + if (sandbox != 0) + { + EMSG(e_sandbox); + return FALSE; + } + #endif + #ifdef INSERT_EXPAND ins_compl_clear(); /* clear stuff for ctrl-x mode */ #endif *** ../vim-5.7.23/src/eval.c Thu Nov 16 17:06:52 2000 --- src/eval.c Mon Jan 29 20:10:22 2001 *************** *** 320,325 **** --- 324,350 ---- return retval; } + + # if defined(STATUSLINE) || defined(PROTO) + /* + * Call eval_to_string() with "sandbox" set and not using local variables. + */ + char_u * + eval_to_string_safe(arg, nextcmd) + char_u *arg; + char_u **nextcmd; + { + char_u *retval; + void *save_funccalp; + + save_funccalp = save_funccal(); + ++sandbox; + retval = eval_to_string(arg, nextcmd); + --sandbox; + restore_funccal(save_funccalp); + return retval; + } + # endif /* * ":let var = expr" assignment command. 
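Review bot: The added `eval_to_string_safe()` in the eval.c hunk is guarded by `# if defined(STATUSLINE) || defined(PROTO)`, while the `sandbox` counter it increments is declared in globals.h only when `HAVE_SANDBOX` is defined (`STATUSLINE` and `WANT_EVAL` together). If eval.c is only ever built with `WANT_EVAL` the two conditions agree, but that is not visible here; `# if defined(HAVE_SANDBOX) || defined(PROTO)` would tie the wrapper to the same switch as every other sandbox check in this patch. The header comment could also say why the function-call context is swapped out, for example `/* save_funccal() keeps the expression away from the calling function's local variables; "sandbox" is a counter, so nested calls stay restricted until the outermost one returns. */`.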
*** ../vim-5.7.23/src/proto/eval.pro Sat Jun 24 11:18:33 2000 --- src/proto/eval.pro Mon Jan 29 20:31:34 2001 *************** *** 2,7 **** --- 2,8 ---- void set_internal_string_var __ARGS((char_u *name, char_u *value)); int eval_to_bool __ARGS((char_u *arg, int *error, char_u **nextcmd, int skip)); char_u *eval_to_string __ARGS((char_u *arg, char_u **nextcmd)); + char_u *eval_to_string_safe __ARGS((char_u *arg, char_u **nextcmd)); void do_let __ARGS((EXARG *eap)); void set_context_for_expression __ARGS((char_u *arg, CMDIDX cmdidx)); void do_call __ARGS((EXARG *eap)); *** ../vim-5.7.23/src/ex_cmds.c Tue Nov 28 22:53:54 2000 --- src/ex_cmds.c Mon Jan 29 20:32:11 2001 *************** *** 2961,2966 **** --- 2961,2977 ---- emsg(e_curdir); return TRUE; } + #ifdef HAVE_SANDBOX + /* + * In the sandbox more things are not allowed, including the things + * disallowed in secure mode. + */ + if (sandbox != 0) + { + EMSG(e_sandbox); + return TRUE; + } + #endif return FALSE; } *** ../vim-5.7.23/src/ex_cmds.h Mon Jun 14 18:24:51 1999 --- src/ex_cmds.h Mon Jan 29 20:27:12 2001 *************** *** 54,59 **** --- 54,60 ---- #define NOTADR 0x4000 /* number before command is not an address */ #define EDITCMD 0x8000 /* has "+command" argument */ #define BUFNAME 0x10000 /* accepts buffer name */ + #define SBOXOK 0x40000 /* allowed in the sandbox */ #define FILES (XFILE | EXTRA) /* multiple extra files allowed */ #define WORD1 (EXTRA | NOSPC) /* one extra word allowed */ #define FILE1 (FILES | NOSPC) /* 1 file allowed, defaults to current file */ *************** *** 101,107 **** EXCMD(CMD_bnext, "bnext", BANG|RANGE|NOTADR|COUNT|TRLBAR), EXCMD(CMD_bprevious,"bprevious", BANG|RANGE|NOTADR|COUNT|TRLBAR), EXCMD(CMD_brewind, "brewind", BANG|RANGE|TRLBAR), ! 
EXCMD(CMD_break, "break", TRLBAR), EXCMD(CMD_browse, "browse", NEEDARG|EXTRA|NOTRLCOM), EXCMD(CMD_buffers, "buffers", TRLBAR), EXCMD(CMD_bunload, "bunload", BANG|RANGE|NOTADR|BUFNAME|COUNT|EXTRA|TRLBAR), --- 102,108 ---- EXCMD(CMD_bnext, "bnext", BANG|RANGE|NOTADR|COUNT|TRLBAR), EXCMD(CMD_bprevious,"bprevious", BANG|RANGE|NOTADR|COUNT|TRLBAR), EXCMD(CMD_brewind, "brewind", BANG|RANGE|TRLBAR), ! EXCMD(CMD_break, "break", TRLBAR|SBOXOK), EXCMD(CMD_browse, "browse", NEEDARG|EXTRA|NOTRLCOM), EXCMD(CMD_buffers, "buffers", TRLBAR), EXCMD(CMD_bunload, "bunload", BANG|RANGE|NOTADR|BUFNAME|COUNT|EXTRA|TRLBAR), *************** *** 109,115 **** EXCMD(CMD_cNext, "cNext", RANGE|NOTADR|COUNT|TRLBAR|BANG), EXCMD(CMD_cabbrev, "cabbrev", EXTRA|TRLBAR|NOTRLCOM|USECTRLV), EXCMD(CMD_cabclear, "cabclear", TRLBAR), ! EXCMD(CMD_call, "call", RANGE|NEEDARG|EXTRA|NOTRLCOM), EXCMD(CMD_cc, "cc", RANGE|NOTADR|COUNT|TRLBAR|BANG), EXCMD(CMD_cd, "cd", NAMEDF|TRLBAR), EXCMD(CMD_center, "center", TRLBAR|RANGE|EXTRA), --- 110,116 ---- EXCMD(CMD_cNext, "cNext", RANGE|NOTADR|COUNT|TRLBAR|BANG), EXCMD(CMD_cabbrev, "cabbrev", EXTRA|TRLBAR|NOTRLCOM|USECTRLV), EXCMD(CMD_cabclear, "cabclear", TRLBAR), ! EXCMD(CMD_call, "call", RANGE|NEEDARG|EXTRA|NOTRLCOM|SBOXOK), EXCMD(CMD_cc, "cc", RANGE|NOTADR|COUNT|TRLBAR|BANG), EXCMD(CMD_cd, "cd", NAMEDF|TRLBAR), EXCMD(CMD_center, "center", TRLBAR|RANGE|EXTRA), *************** *** 132,138 **** EXCMD(CMD_colder, "colder", RANGE|NOTADR|COUNT|TRLBAR), EXCMD(CMD_command, "command", EXTRA|BANG|NOTRLCOM|USECTRLV), EXCMD(CMD_comclear, "comclear", TRLBAR), ! EXCMD(CMD_continue, "continue", TRLBAR), EXCMD(CMD_confirm, "confirm", NEEDARG|EXTRA|NOTRLCOM), EXCMD(CMD_cprevious,"cprevious", RANGE|NOTADR|COUNT|TRLBAR|BANG), EXCMD(CMD_cquit, "cquit", TRLBAR|BANG), --- 133,139 ---- EXCMD(CMD_colder, "colder", RANGE|NOTADR|COUNT|TRLBAR), EXCMD(CMD_command, "command", EXTRA|BANG|NOTRLCOM|USECTRLV), EXCMD(CMD_comclear, "comclear", TRLBAR), ! 
EXCMD(CMD_continue, "continue", TRLBAR|SBOXOK), EXCMD(CMD_confirm, "confirm", NEEDARG|EXTRA|NOTRLCOM), EXCMD(CMD_cprevious,"cprevious", RANGE|NOTADR|COUNT|TRLBAR|BANG), EXCMD(CMD_cquit, "cquit", TRLBAR|BANG), *************** *** 154,170 **** EXCMD(CMD_dsearch, "dsearch", BANG|RANGE|DFLALL|EXTRA), EXCMD(CMD_dsplit, "dsplit", BANG|RANGE|DFLALL|EXTRA), EXCMD(CMD_edit, "edit", BANG|FILE1|EDITCMD|TRLBAR), ! EXCMD(CMD_echo, "echo", EXTRA|NOTRLCOM), ! EXCMD(CMD_echohl, "echohl", EXTRA|TRLBAR), ! EXCMD(CMD_echon, "echon", EXTRA|NOTRLCOM), ! EXCMD(CMD_else, "else", TRLBAR), ! EXCMD(CMD_elseif, "elseif", EXTRA|NOTRLCOM), EXCMD(CMD_exemenu, "emenu", NEEDARG+EXTRA+TRLBAR+NOTRLCOM), ! EXCMD(CMD_endif, "endif", TRLBAR), EXCMD(CMD_endfunction,"endfunction",TRLBAR), ! EXCMD(CMD_endwhile, "endwhile", TRLBAR), EXCMD(CMD_ex, "ex", BANG|FILE1|EDITCMD|TRLBAR), ! EXCMD(CMD_execute, "execute", EXTRA|NOTRLCOM), EXCMD(CMD_exit, "exit", RANGE|BANG|FILE1|DFLALL|TRLBAR), EXCMD(CMD_file, "file", BANG|FILE1|TRLBAR), EXCMD(CMD_files, "files", TRLBAR), --- 155,171 ---- EXCMD(CMD_dsearch, "dsearch", BANG|RANGE|DFLALL|EXTRA), EXCMD(CMD_dsplit, "dsplit", BANG|RANGE|DFLALL|EXTRA), EXCMD(CMD_edit, "edit", BANG|FILE1|EDITCMD|TRLBAR), ! EXCMD(CMD_echo, "echo", EXTRA|NOTRLCOM|SBOXOK), ! EXCMD(CMD_echohl, "echohl", EXTRA|TRLBAR|SBOXOK), ! EXCMD(CMD_echon, "echon", EXTRA|NOTRLCOM|SBOXOK), ! EXCMD(CMD_else, "else", TRLBAR|SBOXOK), ! EXCMD(CMD_elseif, "elseif", EXTRA|NOTRLCOM|SBOXOK), EXCMD(CMD_exemenu, "emenu", NEEDARG+EXTRA+TRLBAR+NOTRLCOM), ! EXCMD(CMD_endif, "endif", TRLBAR|SBOXOK), EXCMD(CMD_endfunction,"endfunction",TRLBAR), ! EXCMD(CMD_endwhile, "endwhile", TRLBAR|SBOXOK), EXCMD(CMD_ex, "ex", BANG|FILE1|EDITCMD|TRLBAR), ! 
EXCMD(CMD_execute, "execute", EXTRA|NOTRLCOM|SBOXOK), EXCMD(CMD_exit, "exit", RANGE|BANG|FILE1|DFLALL|TRLBAR), EXCMD(CMD_file, "file", BANG|FILE1|TRLBAR), EXCMD(CMD_files, "files", TRLBAR), *************** *** 173,191 **** EXCMD(CMD_fixdel, "fixdel", TRLBAR), EXCMD(CMD_function, "function", EXTRA|BANG), EXCMD(CMD_global, "global", RANGE|BANG|EXTRA|DFLALL), ! EXCMD(CMD_goto, "goto", RANGE|NOTADR|COUNT|TRLBAR), EXCMD(CMD_grep, "grep", NEEDARG|EXTRA|NOTRLCOM|TRLBAR|XFILE), EXCMD(CMD_gui, "gui", BANG|NAMEDFS|EDITCMD|TRLBAR), EXCMD(CMD_gvim, "gvim", BANG|NAMEDFS|EDITCMD|TRLBAR), EXCMD(CMD_help, "help", EXTRA|NOTRLCOM), EXCMD(CMD_helpfind, "helpfind", EXTRA|NOTRLCOM), ! EXCMD(CMD_highlight,"highlight", BANG|EXTRA|TRLBAR), EXCMD(CMD_hide, "hide", BANG|TRLBAR), EXCMD(CMD_history, "history", EXTRA|TRLBAR), EXCMD(CMD_insert, "insert", BANG|RANGE|TRLBAR), EXCMD(CMD_iabbrev, "iabbrev", EXTRA|TRLBAR|NOTRLCOM|USECTRLV), EXCMD(CMD_iabclear, "iabclear", TRLBAR), ! EXCMD(CMD_if, "if", EXTRA|NOTRLCOM), EXCMD(CMD_ijump, "ijump", BANG|RANGE|DFLALL|EXTRA), EXCMD(CMD_ilist, "ilist", BANG|RANGE|DFLALL|EXTRA), EXCMD(CMD_imap, "imap", EXTRA|TRLBAR|NOTRLCOM|USECTRLV), --- 174,192 ---- EXCMD(CMD_fixdel, "fixdel", TRLBAR), EXCMD(CMD_function, "function", EXTRA|BANG), EXCMD(CMD_global, "global", RANGE|BANG|EXTRA|DFLALL), ! EXCMD(CMD_goto, "goto", RANGE|NOTADR|COUNT|TRLBAR|SBOXOK), EXCMD(CMD_grep, "grep", NEEDARG|EXTRA|NOTRLCOM|TRLBAR|XFILE), EXCMD(CMD_gui, "gui", BANG|NAMEDFS|EDITCMD|TRLBAR), EXCMD(CMD_gvim, "gvim", BANG|NAMEDFS|EDITCMD|TRLBAR), EXCMD(CMD_help, "help", EXTRA|NOTRLCOM), EXCMD(CMD_helpfind, "helpfind", EXTRA|NOTRLCOM), ! EXCMD(CMD_highlight,"highlight", BANG|EXTRA|TRLBAR|SBOXOK), EXCMD(CMD_hide, "hide", BANG|TRLBAR), EXCMD(CMD_history, "history", EXTRA|TRLBAR), EXCMD(CMD_insert, "insert", BANG|RANGE|TRLBAR), EXCMD(CMD_iabbrev, "iabbrev", EXTRA|TRLBAR|NOTRLCOM|USECTRLV), EXCMD(CMD_iabclear, "iabclear", TRLBAR), ! 
EXCMD(CMD_if, "if", EXTRA|NOTRLCOM|SBOXOK), EXCMD(CMD_ijump, "ijump", BANG|RANGE|DFLALL|EXTRA), EXCMD(CMD_ilist, "ilist", BANG|RANGE|DFLALL|EXTRA), EXCMD(CMD_imap, "imap", EXTRA|TRLBAR|NOTRLCOM|USECTRLV), *************** *** 202,215 **** EXCMD(CMD_iunmenu, "iunmenu", EXTRA|TRLBAR|NOTRLCOM|USECTRLV), EXCMD(CMD_join, "join", BANG|RANGE|COUNT|TRLBAR), EXCMD(CMD_jumps, "jumps", TRLBAR), ! EXCMD(CMD_k, "k", RANGE|WORD1|TRLBAR), EXCMD(CMD_list, "list", RANGE|COUNT|TRLBAR), EXCMD(CMD_last, "last", EXTRA|BANG|EDITCMD|TRLBAR), EXCMD(CMD_left, "left", TRLBAR|RANGE|EXTRA), ! EXCMD(CMD_let, "let", EXTRA|NOTRLCOM), EXCMD(CMD_ls, "ls", TRLBAR), EXCMD(CMD_move, "move", RANGE|EXTRA|TRLBAR), ! EXCMD(CMD_mark, "mark", RANGE|WORD1|TRLBAR), EXCMD(CMD_make, "make", EXTRA|NOTRLCOM|TRLBAR|XFILE), EXCMD(CMD_map, "map", BANG|EXTRA|TRLBAR|NOTRLCOM|USECTRLV), EXCMD(CMD_mapclear, "mapclear", BANG|TRLBAR), --- 203,216 ---- EXCMD(CMD_iunmenu, "iunmenu", EXTRA|TRLBAR|NOTRLCOM|USECTRLV), EXCMD(CMD_join, "join", BANG|RANGE|COUNT|TRLBAR), EXCMD(CMD_jumps, "jumps", TRLBAR), ! EXCMD(CMD_k, "k", RANGE|WORD1|TRLBAR|SBOXOK), EXCMD(CMD_list, "list", RANGE|COUNT|TRLBAR), EXCMD(CMD_last, "last", EXTRA|BANG|EDITCMD|TRLBAR), EXCMD(CMD_left, "left", TRLBAR|RANGE|EXTRA), ! EXCMD(CMD_let, "let", EXTRA|NOTRLCOM|SBOXOK), EXCMD(CMD_ls, "ls", TRLBAR), EXCMD(CMD_move, "move", RANGE|EXTRA|TRLBAR), ! EXCMD(CMD_mark, "mark", RANGE|WORD1|TRLBAR|SBOXOK), EXCMD(CMD_make, "make", EXTRA|NOTRLCOM|TRLBAR|XFILE), EXCMD(CMD_map, "map", BANG|EXTRA|TRLBAR|NOTRLCOM|USECTRLV), EXCMD(CMD_mapclear, "mapclear", BANG|TRLBAR), *************** *** 229,238 **** EXCMD(CMD_nnoremap, "nnoremap", EXTRA|TRLBAR|NOTRLCOM|USECTRLV), EXCMD(CMD_nnoremenu,"nnoremenu", RANGE|NOTADR|ZEROR|EXTRA|TRLBAR|NOTRLCOM|USECTRLV), EXCMD(CMD_noremap, "noremap", BANG|EXTRA|TRLBAR|NOTRLCOM|USECTRLV), ! 
EXCMD(CMD_nohlsearch,"nohlsearch", TRLBAR), EXCMD(CMD_noreabbrev,"noreabbrev", EXTRA|TRLBAR|NOTRLCOM|USECTRLV), EXCMD(CMD_noremenu, "noremenu", RANGE|NOTADR|ZEROR|BANG|EXTRA|TRLBAR|NOTRLCOM|USECTRLV), ! EXCMD(CMD_normal, "normal", RANGE|BANG|EXTRA|NEEDARG|NOTRLCOM|USECTRLV), EXCMD(CMD_number, "number", RANGE|COUNT|TRLBAR), EXCMD(CMD_nunmap, "nunmap", EXTRA|TRLBAR|NOTRLCOM|USECTRLV), EXCMD(CMD_nunmenu, "nunmenu", EXTRA|TRLBAR|NOTRLCOM|USECTRLV), --- 230,239 ---- EXCMD(CMD_nnoremap, "nnoremap", EXTRA|TRLBAR|NOTRLCOM|USECTRLV), EXCMD(CMD_nnoremenu,"nnoremenu", RANGE|NOTADR|ZEROR|EXTRA|TRLBAR|NOTRLCOM|USECTRLV), EXCMD(CMD_noremap, "noremap", BANG|EXTRA|TRLBAR|NOTRLCOM|USECTRLV), ! EXCMD(CMD_nohlsearch,"nohlsearch", TRLBAR|SBOXOK), EXCMD(CMD_noreabbrev,"noreabbrev", EXTRA|TRLBAR|NOTRLCOM|USECTRLV), EXCMD(CMD_noremenu, "noremenu", RANGE|NOTADR|ZEROR|BANG|EXTRA|TRLBAR|NOTRLCOM|USECTRLV), ! EXCMD(CMD_normal, "normal", RANGE|BANG|EXTRA|NEEDARG|NOTRLCOM|USECTRLV|SBOXOK), EXCMD(CMD_number, "number", RANGE|COUNT|TRLBAR), EXCMD(CMD_nunmap, "nunmap", EXTRA|TRLBAR|NOTRLCOM|USECTRLV), EXCMD(CMD_nunmenu, "nunmenu", EXTRA|TRLBAR|NOTRLCOM|USECTRLV), *************** *** 248,255 **** EXCMD(CMD_ounmenu, "ounmenu", EXTRA|TRLBAR|NOTRLCOM|USECTRLV), EXCMD(CMD_print, "print", RANGE|COUNT|TRLBAR), EXCMD(CMD_pclose, "pclose", BANG|TRLBAR), ! EXCMD(CMD_perl, "perl", RANGE|EXTRA|DFLALL|NEEDARG), ! EXCMD(CMD_perldo, "perldo", RANGE|EXTRA|DFLALL|NEEDARG), EXCMD(CMD_pop, "pop", RANGE|NOTADR|BANG|COUNT|TRLBAR|ZEROR), EXCMD(CMD_ppop, "ppop", RANGE|NOTADR|BANG|COUNT|TRLBAR|ZEROR), EXCMD(CMD_preserve, "preserve", TRLBAR), --- 249,256 ---- EXCMD(CMD_ounmenu, "ounmenu", EXTRA|TRLBAR|NOTRLCOM|USECTRLV), EXCMD(CMD_print, "print", RANGE|COUNT|TRLBAR), EXCMD(CMD_pclose, "pclose", BANG|TRLBAR), ! EXCMD(CMD_perl, "perl", RANGE|EXTRA|DFLALL|NEEDARG|SBOXOK), ! 
EXCMD(CMD_perldo, "perldo", RANGE|EXTRA|DFLALL|NEEDARG|SBOXOK), EXCMD(CMD_pop, "pop", RANGE|NOTADR|BANG|COUNT|TRLBAR|ZEROR), EXCMD(CMD_ppop, "ppop", RANGE|NOTADR|BANG|COUNT|TRLBAR|ZEROR), EXCMD(CMD_preserve, "preserve", TRLBAR), *************** *** 266,273 **** EXCMD(CMD_ptselect, "ptselect", BANG|TRLBAR|WORD1), EXCMD(CMD_put, "put", RANGE|BANG|REGSTR|TRLBAR|ZEROR), EXCMD(CMD_pwd, "pwd", TRLBAR), ! EXCMD(CMD_python, "python", RANGE|EXTRA|NEEDARG), ! EXCMD(CMD_pyfile, "pyfile", RANGE|FILE1|NEEDARG), EXCMD(CMD_quit, "quit", BANG|TRLBAR), EXCMD(CMD_qall, "qall", BANG|TRLBAR), EXCMD(CMD_read, "read", BANG|RANGE|NAMEDF|TRLBAR|ZEROR), --- 267,274 ---- EXCMD(CMD_ptselect, "ptselect", BANG|TRLBAR|WORD1), EXCMD(CMD_put, "put", RANGE|BANG|REGSTR|TRLBAR|ZEROR), EXCMD(CMD_pwd, "pwd", TRLBAR), ! EXCMD(CMD_python, "python", RANGE|EXTRA|NEEDARG|SBOXOK), ! EXCMD(CMD_pyfile, "pyfile", RANGE|FILE1|NEEDARG|SBOXOK), EXCMD(CMD_quit, "quit", BANG|TRLBAR), EXCMD(CMD_qall, "qall", BANG|TRLBAR), EXCMD(CMD_read, "read", BANG|RANGE|NAMEDF|TRLBAR|ZEROR), *************** *** 277,283 **** EXCMD(CMD_registers,"registers", EXTRA|NOTRLCOM|TRLBAR), EXCMD(CMD_resize, "resize", TRLBAR|WORD1), EXCMD(CMD_retab, "retab", TRLBAR|RANGE|DFLALL|BANG|WORD1), ! EXCMD(CMD_return, "return", EXTRA|NOTRLCOM), EXCMD(CMD_rewind, "rewind", EXTRA|BANG|EDITCMD|TRLBAR), EXCMD(CMD_right, "right", TRLBAR|RANGE|EXTRA), EXCMD(CMD_rviminfo, "rviminfo", BANG|FILE1|TRLBAR), --- 278,284 ---- EXCMD(CMD_registers,"registers", EXTRA|NOTRLCOM|TRLBAR), EXCMD(CMD_resize, "resize", TRLBAR|WORD1), EXCMD(CMD_retab, "retab", TRLBAR|RANGE|DFLALL|BANG|WORD1), ! 
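Review bot: Adding `SBOXOK` to `:perl` and `:perldo` in this hunk lets code evaluated in the sandbox hand control to an embedded interpreter, and the same flag is added to `:python`/`:pyfile` and to `:tcl`/`:tcldo`/`:tclfile` in later hunks of this file. The handlers for those commands are not part of this patch, so unless each of them tests `sandbox` itself, interpreter code is not limited by the `SBOXOK` test in ex_docmd.c and may reach files, processes or buffer text without passing the undo.c check. A default-deny allowlist is safest when it stops at commands whose effects Vim itself controls. I would leave these entries as they were, e.g. `EXCMD(CMD_perl, "perl", RANGE|EXTRA|DFLALL|NEEDARG),`, until the interfaces enforce the sandbox.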
EXCMD(CMD_return, "return", EXTRA|NOTRLCOM|SBOXOK), EXCMD(CMD_rewind, "rewind", EXTRA|BANG|EDITCMD|TRLBAR), EXCMD(CMD_right, "right", TRLBAR|RANGE|EXTRA), EXCMD(CMD_rviminfo, "rviminfo", BANG|FILE1|TRLBAR), *************** *** 305,311 **** EXCMD(CMD_snext, "snext", RANGE|NOTADR|BANG|NAMEDFS|EDITCMD|TRLBAR), EXCMD(CMD_sniff, "sniff", EXTRA|TRLBAR), EXCMD(CMD_snomagic, "snomagic", RANGE|EXTRA), ! EXCMD(CMD_source, "source", BANG|NAMEDF|TRLBAR), EXCMD(CMD_split, "split", BANG|FILE1|RANGE|NOTADR|EDITCMD|TRLBAR), EXCMD(CMD_sprevious,"sprevious", EXTRA|RANGE|NOTADR|COUNT|BANG|EDITCMD|TRLBAR), EXCMD(CMD_srewind, "srewind", EXTRA|BANG|EDITCMD|TRLBAR), --- 306,312 ---- EXCMD(CMD_snext, "snext", RANGE|NOTADR|BANG|NAMEDFS|EDITCMD|TRLBAR), EXCMD(CMD_sniff, "sniff", EXTRA|TRLBAR), EXCMD(CMD_snomagic, "snomagic", RANGE|EXTRA), ! EXCMD(CMD_source, "source", BANG|NAMEDF|TRLBAR|SBOXOK), EXCMD(CMD_split, "split", BANG|FILE1|RANGE|NOTADR|EDITCMD|TRLBAR), EXCMD(CMD_sprevious,"sprevious", EXTRA|RANGE|NOTADR|COUNT|BANG|EDITCMD|TRLBAR), EXCMD(CMD_srewind, "srewind", EXTRA|BANG|EDITCMD|TRLBAR), *************** *** 324,332 **** EXCMD(CMD_tNext, "tNext", RANGE|NOTADR|BANG|TRLBAR|ZEROR), EXCMD(CMD_tag, "tag", RANGE|NOTADR|BANG|WORD1|TRLBAR|ZEROR), EXCMD(CMD_tags, "tags", TRLBAR), ! EXCMD(CMD_tcl, "tcl", RANGE|EXTRA|NEEDARG), ! EXCMD(CMD_tcldo, "tcldo", RANGE|DFLALL|EXTRA|NEEDARG), ! EXCMD(CMD_tclfile, "tclfile", RANGE|FILE1|NEEDARG), EXCMD(CMD_tearoff, "tearoff", NEEDARG|EXTRA|TRLBAR|NOTRLCOM), EXCMD(CMD_tjump, "tjump", BANG|TRLBAR|WORD1), EXCMD(CMD_tlast, "tlast", BANG|TRLBAR), --- 325,333 ---- EXCMD(CMD_tNext, "tNext", RANGE|NOTADR|BANG|TRLBAR|ZEROR), EXCMD(CMD_tag, "tag", RANGE|NOTADR|BANG|WORD1|TRLBAR|ZEROR), EXCMD(CMD_tags, "tags", TRLBAR), ! EXCMD(CMD_tcl, "tcl", RANGE|EXTRA|NEEDARG|SBOXOK), ! EXCMD(CMD_tcldo, "tcldo", RANGE|DFLALL|EXTRA|NEEDARG|SBOXOK), ! 
EXCMD(CMD_tclfile, "tclfile", RANGE|FILE1|NEEDARG|SBOXOK), EXCMD(CMD_tearoff, "tearoff", NEEDARG|EXTRA|TRLBAR|NOTRLCOM), EXCMD(CMD_tjump, "tjump", BANG|TRLBAR|WORD1), EXCMD(CMD_tlast, "tlast", BANG|TRLBAR), *************** *** 339,345 **** EXCMD(CMD_undo, "undo", TRLBAR), EXCMD(CMD_unabbreviate,"unabbreviate",EXTRA|TRLBAR|NOTRLCOM|USECTRLV), EXCMD(CMD_unhide, "unhide", RANGE|NOTADR|COUNT|TRLBAR), ! EXCMD(CMD_unlet, "unlet", BANG|EXTRA|NEEDARG|TRLBAR), EXCMD(CMD_unmap, "unmap", BANG|EXTRA|TRLBAR|NOTRLCOM|USECTRLV), EXCMD(CMD_unmenu, "unmenu", BANG|EXTRA|TRLBAR|NOTRLCOM|USECTRLV), EXCMD(CMD_update, "update", RANGE|BANG|FILE1|DFLALL|TRLBAR), --- 340,346 ---- EXCMD(CMD_undo, "undo", TRLBAR), EXCMD(CMD_unabbreviate,"unabbreviate",EXTRA|TRLBAR|NOTRLCOM|USECTRLV), EXCMD(CMD_unhide, "unhide", RANGE|NOTADR|COUNT|TRLBAR), ! EXCMD(CMD_unlet, "unlet", BANG|EXTRA|NEEDARG|TRLBAR|SBOXOK), EXCMD(CMD_unmap, "unmap", BANG|EXTRA|TRLBAR|NOTRLCOM|USECTRLV), EXCMD(CMD_unmenu, "unmenu", BANG|EXTRA|TRLBAR|NOTRLCOM|USECTRLV), EXCMD(CMD_update, "update", RANGE|BANG|FILE1|DFLALL|TRLBAR), *************** *** 357,363 **** EXCMD(CMD_write, "write", RANGE|BANG|FILE1|DFLALL|TRLBAR), EXCMD(CMD_wNext, "wNext", RANGE|NOTADR|BANG|FILE1|TRLBAR), EXCMD(CMD_wall, "wall", BANG|TRLBAR), ! EXCMD(CMD_while, "while", EXTRA|NOTRLCOM), EXCMD(CMD_winsize, "winsize", EXTRA|NEEDARG|TRLBAR), EXCMD(CMD_winpos, "winpos", EXTRA|TRLBAR), EXCMD(CMD_wnext, "wnext", RANGE|NOTADR|BANG|FILE1|TRLBAR), --- 358,364 ---- EXCMD(CMD_write, "write", RANGE|BANG|FILE1|DFLALL|TRLBAR), EXCMD(CMD_wNext, "wNext", RANGE|NOTADR|BANG|FILE1|TRLBAR), EXCMD(CMD_wall, "wall", BANG|TRLBAR), ! 
EXCMD(CMD_while, "while", EXTRA|NOTRLCOM|SBOXOK), EXCMD(CMD_winsize, "winsize", EXTRA|NEEDARG|TRLBAR), EXCMD(CMD_winpos, "winpos", EXTRA|TRLBAR), EXCMD(CMD_wnext, "wnext", RANGE|NOTADR|BANG|FILE1|TRLBAR), *** ../vim-5.7.23/src/ex_docmd.c Sun Oct 22 16:43:53 2000 --- src/ex_docmd.c Mon Jan 29 20:32:24 2001 *************** *** 1027,1032 **** --- 1027,1041 ---- #endif ea.argt = cmdnames[(int)ea.cmdidx].cmd_argt; + #ifdef HAVE_SANDBOX + if (sandbox != 0 && !(ea.argt & SBOXOK)) + { + /* Command not allowed in sandbox. */ + errormsg = e_sandbox; + goto doend; + } + #endif + if (!(ea.argt & RANGE) && ea.addr_count) /* no range allowed */ { errormsg = e_norange; *** ../vim-5.7.23/src/globals.h Tue Jun 20 21:28:04 2000 --- src/globals.h Mon Jan 29 20:32:44 2001 *************** *** 319,324 **** --- 319,332 ---- * allowed, e.g. when sourcing .exrc or .vimrc * in current directory */ + #if defined(STATUSLINE) && defined(WANT_EVAL) + # define HAVE_SANDBOX + EXTERN int sandbox INIT(= 0); + /* non-zero when evaluating an expression in a + * "sandbox". Not allowed to change the + * buffer. */ + #endif + EXTERN int silent_mode INIT(= FALSE); /* set to TRUE when "-s" commandline argument * used for ex */ *************** *** 779,784 **** --- 787,795 ---- #endif #ifdef QUICKFIX EXTERN char_u e_readerrf[] INIT(="Error while reading errorfile"); + #endif + #ifdef HAVE_SANDBOX + EXTERN char_u e_sandbox[] INIT(="Not allowed in sandbox"); #endif EXTERN char_u e_scroll[] INIT(="Invalid scroll size"); EXTERN char_u e_tagformat[] INIT(="Format error in tags file \"%s\""); *** ../vim-5.7.23/src/option.c Wed Jun 7 12:56:08 2000 --- src/option.c Mon Jan 29 20:17:58 2001 *************** *** 3855,3861 **** * in secure mode, setting of the secure option is not * allowed */ ! if (secure && (int *)varp == &p_secure) return (char_u *)"not allowed here"; #ifdef USE_GUI --- 3855,3865 ---- * in secure mode, setting of the secure option is not * allowed */ ! if ((secure ! #ifdef HAVE_SANDBOX ! 
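Review bot: The comment on `sandbox` in the first globals.h hunk says only that changing the buffer is not allowed, but in this patch the same variable also rejects every Ex command without `SBOXOK`, blocks Insert mode and stops the 'secure' option from being set. It is also a nesting counter (`++sandbox` / `--sandbox` in eval.c) and not a flag, which matters to anyone who later writes `sandbox = FALSE`. I would word it as `/* > 0 while evaluating an expression in the "sandbox": no buffer changes, only SBOXOK commands; incremented and decremented in pairs, never assigned. */`.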
|| sandbox != 0 ! #endif ! ) && (int *)varp == &p_secure) return (char_u *)"not allowed here"; #ifdef USE_GUI *** ../vim-5.7.23/src/screen.c Mon Jan 8 11:50:35 2001 --- src/screen.c Mon Jan 29 19:56:10 2001 *************** *** 2876,2882 **** curwin = wp; curbuf = wp->w_buffer; ! str = eval_to_string(p, &t); if (str != NULL && *str != 0) { t = str; --- 2876,2882 ---- curwin = wp; curbuf = wp->w_buffer; ! str = eval_to_string_safe(p, &t); if (str != NULL && *str != 0) { t = str; *** ../vim-5.7.23/src/undo.c Sun Oct 31 16:18:20 1999 --- src/undo.c Mon Jan 29 20:34:03 2001 *************** *** 155,160 **** --- 155,172 ---- struct u_entry *uep; long size; + #ifdef HAVE_SANDBOX + /* + * In the sandbox it's not allowed to change the text. Letting the + * undo fail is a crude way to make all change commands fail. + */ + if (sandbox != 0) + { + EMSG(e_sandbox); + return FAIL; + } + #endif + /* * if curbuf->b_u_synced == TRUE make a new header */ *************** *** 314,319 **** --- 326,340 ---- u_doit(count) int count; { + #ifdef HAVE_SANDBOX + /* In the sandbox it's not allowed to change the text. */ + if (sandbox != 0) + { + EMSG(e_sandbox); + return; + } + #endif + u_newcount = 0; u_oldcount = 0; while (count--) *** ../vim-5.7.23/src/version.c Thu Jan 18 14:01:55 2001 --- src/version.c Mon Jan 29 20:50:45 2001 *************** *** 439,440 **** --- 439,442 ---- { /* Add new patch number below this line */ + /**/ + 24, /**/ -- hundred-and-one symptoms of being an internet addict: 70. ISDN lines are added to your house on a hourly basis /// Bram Moolenaar -- Bram@moolenaar.net -- http://www.moolenaar.net \\\ ((( Creator of Vim - http://www.vim.org -- ftp://ftp.vim.org/pub/vim ))) \\\ Help me helping AIDS orphans in Uganda - http://iccf-holland.org ///
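Review bot: Splicing `#ifdef HAVE_SANDBOX` into the middle of the `if` condition in the option.c hunk makes the guard on the 'secure' option hard to read and easy to break in a later edit, and the comment above it still mentions only secure mode. A separate test placed before the existing one reads more plainly and can report the sandbox-specific message: `if (sandbox != 0 && (int *)varp == &p_secure) return e_sandbox;` inside its own `#ifdef HAVE_SANDBOX` block, leaving the original `if (secure && ...)` line untouched. The enclosing function starts and ends outside the hunk, so the return type is inferred from the existing `return (char_u *)"not allowed here";`.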
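Review bot: The first undo.c hunk makes the whole "no text changes" guarantee depend on every modifying path calling this save-for-undo routine before it touches the buffer, which the comment itself calls crude. Any path that changes lines without saving undo information first would not be stopped, and nothing in the patch lists or tests those paths. A sentence in the comment naming that assumption would help the next maintainer, for example `/* Relies on every text change saving undo info first; code that edits lines without doing so must check "sandbox" itself. */`. The function's header is outside the hunk, so its name is not visible here.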