vim: patch security issue
Fixes CVE-2019-12735 Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
parent
d9f29124b7
commit
f2417d7198
2 changed files with 16 additions and 1 deletions
|
@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
|
||||||
|
|
||||||
PKG_NAME:=vim
|
PKG_NAME:=vim
|
||||||
PKG_VERSION:=8.1
|
PKG_VERSION:=8.1
|
||||||
PKG_RELEASE:=3
|
PKG_RELEASE:=4
|
||||||
VIMVER:=81
|
VIMVER:=81
|
||||||
|
|
||||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
|
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
|
||||||
|
|
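--- a/utils/vim/patches/003-CVE-2019-12735.patch
+++ b/utils/vim/patches/003-CVE-2019-12735.patch
@@ -0,0 +1,15 @@
+--- a/src/getchar.c
++++ b/src/getchar.c
+@@ -1407,6 +1407,12 @@ openscript(
+emsg(_(e_nesting));
+return;
+}
++
++ // Disallow sourcing a file in the sandbox, the commands would be executed
++ // later, possibly outside of the sandbox.
++ if (check_secure())
++ return;
++
+#ifdef FEAT_EVAL
+if (ignore_script)
+/* Not reading from script, also don't open one. Warning message? */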
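Review bot: The new patch file starts directly at `--- a/src/getchar.c` with no preamble naming the upstream Vim change it was taken from. Without that, a later maintainer cannot easily confirm that this backport matches the upstream fix for CVE-2019-12735, or tell when a PKG_VERSION bump makes the patch redundant. A short header above the `---` line would cover it, for example `Backport of upstream Vim patch <upstream-patch-id>: disallow :source! in the sandbox (CVE-2019-12735)`. The guard sits in openscript() after the nesting check and before the `#ifdef FEAT_EVAL` block, so it is compiled in regardless of that feature. Whether check_secure() actually tests the sandbox state in every build variant of this package depends on code outside the hunk and is worth confirming; openscript()'s body also starts and ends outside the hunk.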