diff options
| author | Bram Moolenaar <Bram@vim.org> | 2019-05-22 22:38:25 +0200 |
|---|---|---|
| committer | Bram Moolenaar <Bram@vim.org> | 2019-05-22 22:38:25 +0200 |
| commit | 53575521406739cf20bbe4e384d88e7dca11f040 (patch) | |
| tree | a972b87d48af2a7b193f26a0d23340c852f14e55 /src/getchar.c | |
| parent | 5c017b2de28d19dfa4af58b8973e32f31bb1477e (diff) | |
patch 8.1.1365: source command doesn't check for the sandboxv8.1.1365
Problem: Source command doesn't check for the sandbox. (Armin Razmjou)
Solution: Check for the sandbox when sourcing a file.
Diffstat (limited to 'src/getchar.c')
| -rw-r--r-- | src/getchar.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/getchar.c b/src/getchar.c index 9379a6a8d4..debad7efd2 100644 --- a/src/getchar.c +++ b/src/getchar.c @@ -1407,6 +1407,12 @@ openscript( emsg(_(e_nesting)); return; } + + // Disallow sourcing a file in the sandbox, the commands would be executed + // later, possibly outside of the sandbox. + if (check_secure()) + return; + #ifdef FEAT_EVAL if (ignore_script) /* Not reading from script, also don't open one. Warning message? */ |