patch 9.1.1690: Missing recursion guard in dos/unix_expandpath()

Problem:  Missing recursion guard in dos/unix_expandpath()
Solution: Add guard variables (ashamedbit)

fixes: #18099
closes: #18106

Co-authored-by: Hirohito Higashi <h.east.727@gmail.com>
Signed-off-by: ashamedbit <muralianiruddhan@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
This commit is contained in:
ashamedbit
2025-08-26 17:43:18 +02:00
committed by Christian Brabandt
parent 540480697d
commit e8948a1f80
2 changed files with 18 additions and 6 deletions

View File

@ -3708,10 +3708,15 @@ dos_expandpath(
vim_snprintf((char *)buf + len, buflen - len, "%s", path_end); vim_snprintf((char *)buf + len, buflen - len, "%s", path_end);
if (mch_has_exp_wildcard(path_end)) if (mch_has_exp_wildcard(path_end))
{
if (stardepth < 100)
{ {
// need to expand another component of the path // need to expand another component of the path
// remove backslashes for the remaining components only // remove backslashes for the remaining components only
++stardepth;
(void)dos_expandpath(gap, buf, len + 1, flags, FALSE); (void)dos_expandpath(gap, buf, len + 1, flags, FALSE);
--stardepth;
}
} }
else else
{ {
@ -3949,10 +3954,15 @@ unix_expandpath(
vim_snprintf((char *)buf + len, buflen - len, "%s", path_end); vim_snprintf((char *)buf + len, buflen - len, "%s", path_end);
if (mch_has_exp_wildcard(path_end)) // handle more wildcards if (mch_has_exp_wildcard(path_end)) // handle more wildcards
{
if (stardepth < 100)
{ {
// need to expand another component of the path // need to expand another component of the path
// remove backslashes for the remaining components only // remove backslashes for the remaining components only
++stardepth;
(void)unix_expandpath(gap, buf, len + 1, flags, FALSE); (void)unix_expandpath(gap, buf, len + 1, flags, FALSE);
--stardepth;
}
} }
else else
{ {

View File

@ -724,6 +724,8 @@ static char *(features[]) =
static int included_patches[] = static int included_patches[] =
{ /* Add new patch number below this line */ { /* Add new patch number below this line */
/**/
1690,
/**/ /**/
1689, 1689,
/**/ /**/