patch 8.1.1365: source command doesn't check for the sandbox
Problem: Source command doesn't check for the sandbox. (Armin Razmjou) Solution: Check for the sandbox when sourcing a file.
This commit is contained in:
		| @ -1407,6 +1407,12 @@ openscript( | ||||
| 	emsg(_(e_nesting)); | ||||
| 	return; | ||||
|     } | ||||
|  | ||||
|     // Disallow sourcing a file in the sandbox, the commands would be executed | ||||
|     // later, possibly outside of the sandbox. | ||||
|     if (check_secure()) | ||||
| 	return; | ||||
|  | ||||
| #ifdef FEAT_EVAL | ||||
|     if (ignore_script) | ||||
| 	/* Not reading from script, also don't open one.  Warning message? */ | ||||
|  | ||||
| @ -36,3 +36,12 @@ func Test_source_cmd() | ||||
|   au! SourcePre | ||||
|   au! SourcePost | ||||
| endfunc | ||||
|  | ||||
| func Test_source_sandbox() | ||||
|   new | ||||
|   call writefile(["Ohello\<Esc>"], 'Xsourcehello') | ||||
|   source! Xsourcehello | echo | ||||
|   call assert_equal('hello', getline(1)) | ||||
|   call assert_fails('sandbox source! Xsourcehello', 'E48:') | ||||
|   bwipe! | ||||
| endfunc | ||||
|  | ||||
| @ -767,6 +767,8 @@ static char *(features[]) = | ||||
|  | ||||
| static int included_patches[] = | ||||
| {   /* Add new patch number below this line */ | ||||
| /**/ | ||||
|     1365, | ||||
| /**/ | ||||
|     1364, | ||||
| /**/ | ||||
|  | ||||
		Reference in New Issue
	
	Block a user