diff options
author | D. Ben Knoble <ben.knoble+github@gmail.com> | 2023-11-04 05:11:17 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-11-04 10:11:17 +0100 |
commit | cd8a3eaf5348feacfecab4b374b7ea4ce6a97422 (patch) | |
tree | 93c6255071557c69bc8e15ee7830a31c0a3a7149 /runtime/ftplugin/awk.vim | |
parent | 08b1c61e8b67be2b6a95d9b85d3bbf84cc70712f (diff) |
runtime(dist): centralize safe executable check and add vim library (#13413)
Follow up to 816fbcc26 (patch 9.0.1833: [security] runtime file fixes,
2023-08-31) and f7ac0ef50 (runtime: don't execute external commands when
loading ftplugins, 2023-09-06).
This puts the logic for safe executable checks in a single place, by introducing
a central vim library, so all filetypes benefit from consistency.
Notable changes:
- dist#vim because the (autoload) namespace for a new runtime support
library. Supporting functions should get documentation. It might make
life easier for NeoVim devs to make the documentation a new file
rather than cram it into existing files, though we may want
cross-references to it somewhere…
- The gzip and zip plugins need to be opted into by enabling execution
of those programs (or the global plugin_exec). This needs
documentation or discussion.
- This fixes a bug in the zig plugin: code setting s:tmp_cwd was removed
in f7ac0ef50 (runtime: don't execute external commands when loading
ftplugins, 2023-09-06), but the variable was still referenced. Since
the new function takes care of that automatically, the variable is no
longer needed.
Signed-off-by: D. Ben Knoble <ben.knoble+github@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
Diffstat (limited to 'runtime/ftplugin/awk.vim')
-rw-r--r-- | runtime/ftplugin/awk.vim | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/runtime/ftplugin/awk.vim b/runtime/ftplugin/awk.vim index 785088ff9b..40fe304cf4 100644 --- a/runtime/ftplugin/awk.vim +++ b/runtime/ftplugin/awk.vim @@ -37,8 +37,8 @@ if exists("g:awk_is_gawk") let b:undo_ftplugin .= " | setl fp<" endif - " Disabled by default for security reasons. - if get(g:, 'awk_exec', get(g:, 'plugin_exec', 0)) + " Disabled by default for security reasons. + if dist#vim#IsSafeExecutable('awk', 'gawk') let path = system("gawk 'BEGIN { printf ENVIRON[\"AWKPATH\"] }'") let path = substitute(path, '^\.\=:\|:\.\=$\|:\.\=:', ',,', 'g') " POSIX cwd let path = substitute(path, ':', ',', 'g') |