Gitiles
Code Review Sign In
gerrit.omnirom.org / android_external_vim / 247bb7e43b47eb8407a1111bed60b61aceda52ad^! / .
commit247bb7e43b47eb8407a1111bed60b61aceda52ad[log] [tgz]
authorBram Moolenaar <Bram@vim.org>Tue Nov 20 14:27:07 2018 +0100
committerBram Moolenaar <Bram@vim.org>Tue Nov 20 14:27:07 2018 +0100
tree1808cdecd35033ae10e6b48f66122cf5c42d5486
parent82e8c92ebef5afcac0c0fdb706ff163f9b3366f7 [diff]
patch 8.1.0540: may evaluate insecure value when appending to option

Problem:    May evaluate insecure value when appending to option.
Solution:   Set the secure flag when changing an option that was previously
            set insecurely.  Also allow numbers for the characters from
            'spelllang' that are used for LANG.vim.

diff --git a/src/option.c b/src/option.c
index e6d46aa..50d405a 100644
--- a/src/option.c
+++ b/src/option.c

@@ -4705,6 +4705,8 @@
 	    }
 	    else
 	    {
+		int value_is_replaced = !prepending && !adding && !removing;
+
 		if (flags & P_BOOL)		    /* boolean */
 		{
 		    if (nextchar == '=' || nextchar == ':')
@@ -5209,12 +5211,36 @@
 			}
 #endif
 
-			/* Handle side effects, and set the global value for
-			 * ":set" on local options. Note: when setting 'syntax'
-			 * or 'filetype' autocommands may be triggered that can
-			 * cause havoc. */
-			errmsg = did_set_string_option(opt_idx, (char_u **)varp,
-				new_value_alloced, oldval, errbuf, opt_flags);
+			{
+			    long_u *p = insecure_flag(opt_idx, opt_flags);
+			    int	    did_inc_secure = FALSE;
+
+			    // When an option is set in the sandbox, from a
+			    // modeline or in secure mode, then deal with side
+			    // effects in secure mode.  Also when the value was
+			    // set with the P_INSECURE flag and is not
+			    // completely replaced.
+			    if (secure
+#ifdef HAVE_SANDBOX
+				    || sandbox != 0
+#endif
+				    || (opt_flags & OPT_MODELINE)
+				    || (!value_is_replaced && (*p & P_INSECURE)))
+			    {
+				did_inc_secure = TRUE;
+				++secure;
+			    }
+
+			    // Handle side effects, and set the global value for
+			    // ":set" on local options. Note: when setting 'syntax'
+			    // or 'filetype' autocommands may be triggered that can
+			    // cause havoc.
+			    errmsg = did_set_string_option(opt_idx, (char_u **)varp,
+				    new_value_alloced, oldval, errbuf, opt_flags);
+
+			    if (did_inc_secure)
+				--secure;
+			}
 
 #if defined(FEAT_EVAL)
 			if (errmsg == NULL)
@@ -5254,8 +5280,7 @@
 		}
 
 		if (opt_idx >= 0)
-		    did_set_option(opt_idx, opt_flags,
-					 !prepending && !adding && !removing);
+		    did_set_option(opt_idx, opt_flags, value_is_replaced);
 	    }
 
 skip:
@@ -7758,7 +7783,7 @@
 	     * '.encoding'.
 	     */
 	    for (p = q; *p != NUL; ++p)
-		if (!ASCII_ISALPHA(*p) && *p != '-')
+		if (!ASCII_ISALNUM(*p) && *p != '-')
 		    break;
 	    if (p > q)
 	    {

diff --git a/src/version.c b/src/version.c
index a6f155f..f3889b0 100644
--- a/src/version.c
+++ b/src/version.c

@@ -793,6 +793,8 @@
 static int included_patches[] =
 {   /* Add new patch number below this line */
 /**/
+    540,
+/**/
     539,
 /**/
     538,