diff options
Diffstat (limited to 'debian/patches')
24 files changed, 2480 insertions, 0 deletions
diff --git a/debian/patches/debian/Add-recognition-of-more-LaTeX-commands-for-tex-filetype-d.patch b/debian/patches/debian/Add-recognition-of-more-LaTeX-commands-for-tex-filetype-d.patch new file mode 100644 index 0000000..9cb8486 --- /dev/null +++ b/debian/patches/debian/Add-recognition-of-more-LaTeX-commands-for-tex-filetype-d.patch @@ -0,0 +1,27 @@ +From: Stefano Zacchiroli <zack@debian.org> +Date: Fri, 25 Aug 2006 13:33:04 +0200 +Subject: Add recognition of more LaTeX commands for tex filetype detection + +Since filetype detection of TeX files defaults to plaintex, we've added +detection of some additional LaTeX commands to help sway the detection +to LaTeX. + +Closes: #384479 +Signed-off-by: James McCoy <jamessan@debian.org> +--- + runtime/autoload/dist/ft.vim | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/runtime/autoload/dist/ft.vim b/runtime/autoload/dist/ft.vim +index de45faa..6a4294c 100644 +--- a/runtime/autoload/dist/ft.vim ++++ b/runtime/autoload/dist/ft.vim +@@ -665,7 +665,7 @@ func dist#ft#FTtex() + call cursor(1,1) + let firstNC = search('^\s*[^[:space:]%]', 'c', 1000) + if firstNC " Check the next thousand lines for a LaTeX or ConTeXt keyword. +- let lpat = 'documentclass\>\|usepackage\>\|begin{\|newcommand\>\|renewcommand\>' ++ let lpat = 'documentclass\>\|usepackage\>\|begin{\|newcommand\>\|renewcommand\>\|part\>\|chapter\>\|section\>\|subsection\>\|subsubsection\>\|paragraph\>\|subparagraph\>\|subsubparagraph' + let cpat = 'start\a\+\|setup\a\+\|usemodule\|enablemode\|enableregime\|setvariables\|useencoding\|usesymbols\|stelle\a\+\|verwende\a\+\|stel\a\+\|gebruik\a\+\|usa\a\+\|imposta\a\+\|regle\a\+\|utilisemodule\>' + let kwline = search('^\s*\\\%(' . lpat . '\)\|^\s*\\\(' . cpat . '\)', + \ 'cnp', firstNC + 1000) diff --git a/debian/patches/debian/Detect-the-rst-filetype-using-the-contents-of-the-file.patch b/debian/patches/debian/Detect-the-rst-filetype-using-the-contents-of-the-file.patch new file mode 100644 index 0000000..8c23cad --- /dev/null +++ b/debian/patches/debian/Detect-the-rst-filetype-using-the-contents-of-the-file.patch @@ -0,0 +1,28 @@ +From: James Vega <jamessan@debian.org> +Date: Fri, 18 Aug 2006 09:06:20 -0400 +Subject: Detect the rst filetype using the contents of the file + +Closes: #382541 +--- + runtime/scripts.vim | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/runtime/scripts.vim b/runtime/scripts.vim +index ab66c0c..a755bc7 100644 +--- a/runtime/scripts.vim ++++ b/runtime/scripts.vim +@@ -356,6 +356,14 @@ else + elseif s:line1 =~# 'exec\s\+\S*scheme' || s:line2 =~# 'exec\s\+\S*scheme' + set ft=scheme + ++ " rst files ++ elseif s:line1 =~ '^\.\.\s\|^\s*restindex\s*$' ++ \ || s:line2 =~ '^\.\.\s\|^\s*restindex\s*$' ++ \ || s:line3 =~ '^\.\.\s\|^\s*restindex\s*$' ++ \ || s:line4 =~ '^\.\.\s\|^\s*restindex\s*$' ++ \ || s:line5 =~ '^\.\.\s\|^\s*restindex\s*$' ++ set ft=rst ++ + " Git output + elseif s:line1 =~# '^\(commit\|tree\|object\) \x\{40\}\>\|^tag \S\+$' + set ft=git diff --git a/debian/patches/debian/Document-Debian-s-decision-to-disable-modelines-by-defaul.patch b/debian/patches/debian/Document-Debian-s-decision-to-disable-modelines-by-defaul.patch new file mode 100644 index 0000000..7c23fbb --- /dev/null +++ b/debian/patches/debian/Document-Debian-s-decision-to-disable-modelines-by-defaul.patch @@ -0,0 +1,29 @@ +From: James Vega <jamessan@debian.org> +Date: Thu, 27 Mar 2008 03:42:02 +0000 +Subject: Document Debian's decision to disable modelines by default + +Modelines have historically been a source of vulnerabilities in Vim. +As long as it remains a "blacklist suspected/proven dangerous options" +instead of a "whitelist allowed options" piece of functionality, +Debian's system-wide vimrc will maintain this setting. As such, the +documentation needs to be updated to reflect the induced behavior. + +Closes: #472522 +Signed-off-by: James McCoy <jamessan@debian.org> +--- + runtime/doc/options.txt | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/runtime/doc/options.txt b/runtime/doc/options.txt +index c9e2b0b..c269fea 100644 +--- a/runtime/doc/options.txt ++++ b/runtime/doc/options.txt +@@ -5392,7 +5392,7 @@ A jump table for the options with a short description can be found at |Q_op|. + + *'modeline'* *'ml'* *'nomodeline'* *'noml'* + 'modeline' 'ml' boolean (Vim default: on (off for root), +- Vi default: off) ++ Debian: off, Vi default: off) + local to buffer + *'modelines'* *'mls'* + 'modelines' 'mls' number (default 5) diff --git a/debian/patches/debian/Support-sourcing-a-vimrc.tiny-when-Vim-is-invoked-as-vi.patch b/debian/patches/debian/Support-sourcing-a-vimrc.tiny-when-Vim-is-invoked-as-vi.patch new file mode 100644 index 0000000..4822934 --- /dev/null +++ b/debian/patches/debian/Support-sourcing-a-vimrc.tiny-when-Vim-is-invoked-as-vi.patch @@ -0,0 +1,85 @@ +From: James McCoy <jamessan@debian.org> +Date: Tue, 6 Oct 2015 23:46:30 -0400 +Subject: Support sourcing a vimrc.tiny when Vim is invoked as vi + +This is used only in the vim-tiny package to allow a specific +configuration for vim-tiny's vi. The vim-tiny package is substantially +different from other Vim packages, so it does not make sense to +share the same config. + +Closes: #222138 +Signed-off-by: Stefano Zacchiroli <zack@debian.org> +Signed-off-by: James Vega <jamessan@debian.org> +--- + src/main.c | 14 +++++++++++++- + src/os_unix.h | 3 +++ + src/structs.h | 3 +++ + 3 files changed, 19 insertions(+), 1 deletion(-) + +diff --git a/src/main.c b/src/main.c +index df204bc..cb31bf1 100644 +--- a/src/main.c ++++ b/src/main.c +@@ -1786,6 +1786,10 @@ parse_command_name(mparm_T *parmp) + } + else if (STRNICMP(initstr, "vim", 3) == 0) + initstr += 3; ++#ifdef SYS_TINYRC_FILE ++ else if (STRNICMP(initstr, "vi", 2) == 0) ++ parmp->vi_mode = TRUE; ++#endif + + // Catch "[r][g]vimdiff" and "[r][g]viewdiff". + if (STRICMP(initstr, "diff") == 0) +@@ -3032,7 +3036,12 @@ source_startup_scripts(mparm_T *parmp) + * Get system wide defaults, if the file name is defined. + */ + #ifdef SYS_VIMRC_FILE +- (void)do_source((char_u *)SYS_VIMRC_FILE, FALSE, DOSO_NONE); ++# if defined(SYS_TINYRC_FILE) && defined(TINY_VIMRC) ++ if (parmp->vi_mode) ++ (void)do_source((char_u *)SYS_TINYRC_FILE, FALSE, DOSO_NONE); ++ else ++# endif ++ (void)do_source((char_u *)SYS_VIMRC_FILE, FALSE, DOSO_NONE); + #endif + #ifdef MACOS_X + (void)do_source((char_u *)"$VIMRUNTIME/macmap.vim", FALSE, DOSO_NONE); +@@ -3067,6 +3076,9 @@ source_startup_scripts(mparm_T *parmp) + && do_source((char_u *)USR_EXRC_FILE, FALSE, DOSO_NONE) == FAIL + #ifdef USR_EXRC_FILE2 + && do_source((char_u *)USR_EXRC_FILE2, FALSE, DOSO_NONE) == FAIL ++#endif ++#if defined(SYS_TINYRC_FILE) && defined(TINY_VIMRC) ++ && !parmp->vi_mode + #endif + && !has_dash_c_arg) + { +diff --git a/src/os_unix.h b/src/os_unix.h +index 8919ff0..fcc82eb 100644 +--- a/src/os_unix.h ++++ b/src/os_unix.h +@@ -213,6 +213,9 @@ typedef struct dsc$descriptor DESC; + /* + * Unix system-dependent file names + */ ++#ifndef SYS_TINYRC_FILE ++# define SYS_TINYRC_FILE "$VIM/vimrc.tiny" ++#endif + #ifndef SYS_VIMRC_FILE + # define SYS_VIMRC_FILE "$VIM/vimrc" + #endif +diff --git a/src/structs.h b/src/structs.h +index 5d0541b..d2ca1fc 100644 +--- a/src/structs.h ++++ b/src/structs.h +@@ -3472,6 +3472,9 @@ typedef struct + #ifdef FEAT_DIFF + int diff_mode; /* start with 'diff' set */ + #endif ++#ifdef SYS_TINYRC_FILE ++ int vi_mode; /* started as "vi" */ ++#endif + } mparm_T; + + /* diff --git a/debian/patches/patch-8.1.0878-test-for-has-bsd-fails-on-some-BSD-systems.patch b/debian/patches/patch-8.1.0878-test-for-has-bsd-fails-on-some-BSD-systems.patch new file mode 100644 index 0000000..9ffbc87 --- /dev/null +++ b/debian/patches/patch-8.1.0878-test-for-has-bsd-fails-on-some-BSD-systems.patch @@ -0,0 +1,37 @@ +From: Bram Moolenaar <Bram@vim.org> +Date: Thu, 7 Feb 2019 21:27:14 +0100 +Subject: patch 8.1.0878: test for has('bsd') fails on some BSD systems + +Problem: Test for has('bsd') fails on some BSD systems. +Solution: Adjust the uname match. (James McCoy, closes #3909) +--- + src/testdir/test_functions.vim | 2 ++ + src/version.c | 2 ++ + 2 files changed, 4 insertions(+) + +diff --git a/src/testdir/test_functions.vim b/src/testdir/test_functions.vim +index b08d9aa..e75a896 100644 +--- a/src/testdir/test_functions.vim ++++ b/src/testdir/test_functions.vim +@@ -1238,6 +1238,8 @@ func Test_platform_name() + let uname = system('uname') + call assert_equal(uname =~? 'BeOS', has('beos')) + call assert_equal(uname =~? 'BSD\|DragonFly', has('bsd')) ++ " GNU userland on BSD kernels (e.g., GNU/kFreeBSD) don't have BSD defined ++ call assert_equal(uname =~? '\%(GNU/k\w\+\)\@<!BSD\|DragonFly', has('bsd')) + call assert_equal(uname =~? 'HP-UX', has('hpux')) + call assert_equal(uname =~? 'Linux', has('linux')) + call assert_equal(uname =~? 'Darwin', has('mac')) +diff --git a/src/version.c b/src/version.c +index 0b86826..f5f9439 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -791,6 +791,8 @@ static char *(features[]) = + + static int included_patches[] = + { /* Add new patch number below this line */ ++/**/ ++ 878, + /**/ + 875, + /**/ diff --git a/debian/patches/patch-8.1.0884-double-check-for-bsd-systems.patch b/debian/patches/patch-8.1.0884-double-check-for-bsd-systems.patch new file mode 100644 index 0000000..6888aed --- /dev/null +++ b/debian/patches/patch-8.1.0884-double-check-for-bsd-systems.patch @@ -0,0 +1,36 @@ +From: Bram Moolenaar <Bram@vim.org> +Date: Fri, 8 Feb 2019 23:09:48 +0100 +Subject: patch 8.1.0884: double check for bsd systems + +Problem: Double check for bsd systems. +Solution: Delete the old line. +--- + src/testdir/test_functions.vim | 1 - + src/version.c | 2 ++ + 2 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/testdir/test_functions.vim b/src/testdir/test_functions.vim +index e75a896..69e6ce0 100644 +--- a/src/testdir/test_functions.vim ++++ b/src/testdir/test_functions.vim +@@ -1237,7 +1237,6 @@ func Test_platform_name() + if has('unix') && executable('uname') + let uname = system('uname') + call assert_equal(uname =~? 'BeOS', has('beos')) +- call assert_equal(uname =~? 'BSD\|DragonFly', has('bsd')) + " GNU userland on BSD kernels (e.g., GNU/kFreeBSD) don't have BSD defined + call assert_equal(uname =~? '\%(GNU/k\w\+\)\@<!BSD\|DragonFly', has('bsd')) + call assert_equal(uname =~? 'HP-UX', has('hpux')) +diff --git a/src/version.c b/src/version.c +index f5f9439..46f63e7 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -791,6 +791,8 @@ static char *(features[]) = + + static int included_patches[] = + { /* Add new patch number below this line */ ++/**/ ++ 884, + /**/ + 878, + /**/ diff --git a/debian/patches/patch-8.1.0948-when-built-without-eval-Vim-clean-produces.patch b/debian/patches/patch-8.1.0948-when-built-without-eval-Vim-clean-produces.patch new file mode 100644 index 0000000..8544ba9 --- /dev/null +++ b/debian/patches/patch-8.1.0948-when-built-without-eval-Vim-clean-produces.patch @@ -0,0 +1,95 @@ +From: Bram Moolenaar <Bram@vim.org> +Date: Mon, 18 Feb 2019 21:32:28 +0100 +Subject: patch 8.1.0948: when built without +eval "Vim --clean" produces + errors + +Problem: When built without +eval "Vim --clean" produces errors. (James + McCoy) +Solution: Do not enable filetype detection. +--- + runtime/defaults.vim | 51 ++++++++++++++++++++++++++++----------------------- + src/version.c | 2 ++ + 2 files changed, 30 insertions(+), 23 deletions(-) + +diff --git a/runtime/defaults.vim b/runtime/defaults.vim +index b848217..e8a0ff4 100644 +--- a/runtime/defaults.vim ++++ b/runtime/defaults.vim +@@ -1,7 +1,7 @@ + " The default vimrc file. + " + " Maintainer: Bram Moolenaar <Bram@vim.org> +-" Last change: 2019 Jan 26 ++" Last change: 2019 Feb 18 + " + " This is loaded if no vimrc file was found. + " Except when Vim is run with "-u NONE" or "-C". +@@ -90,28 +90,33 @@ if &t_Co > 2 || has("gui_running") + let c_comment_strings=1 + endif + +-" Enable file type detection. +-" Use the default filetype settings, so that mail gets 'tw' set to 72, +-" 'cindent' is on in C files, etc. +-" Also load indent files, to automatically do language-dependent indenting. +-" Revert with ":filetype off". +-filetype plugin indent on +- +-" Put these in an autocmd group, so that you can revert them with: +-" ":augroup vimStartup | au! | augroup END" +-augroup vimStartup +- au! +- +- " When editing a file, always jump to the last known cursor position. +- " Don't do it when the position is invalid, when inside an event handler +- " (happens when dropping a file on gvim) and for a commit message (it's +- " likely a different one than last time). +- autocmd BufReadPost * +- \ if line("'\"") >= 1 && line("'\"") <= line("$") && &ft !~# 'commit' +- \ | exe "normal! g`\"" +- \ | endif +- +-augroup END ++" Only do this part when Vim was compiled with the +eval feature. ++if 1 ++ ++ " Enable file type detection. ++ " Use the default filetype settings, so that mail gets 'tw' set to 72, ++ " 'cindent' is on in C files, etc. ++ " Also load indent files, to automatically do language-dependent indenting. ++ " Revert with ":filetype off". ++ filetype plugin indent on ++ ++ " Put these in an autocmd group, so that you can revert them with: ++ " ":augroup vimStartup | au! | augroup END" ++ augroup vimStartup ++ au! ++ ++ " When editing a file, always jump to the last known cursor position. ++ " Don't do it when the position is invalid, when inside an event handler ++ " (happens when dropping a file on gvim) and for a commit message (it's ++ " likely a different one than last time). ++ autocmd BufReadPost * ++ \ if line("'\"") >= 1 && line("'\"") <= line("$") && &ft !~# 'commit' ++ \ | exe "normal! g`\"" ++ \ | endif ++ ++ augroup END ++ ++endif + + " Convenient command to see the difference between the current buffer and the + " file it was loaded from, thus the changes you made. +diff --git a/src/version.c b/src/version.c +index 46f63e7..b59878e 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -791,6 +791,8 @@ static char *(features[]) = + + static int included_patches[] = + { /* Add new patch number below this line */ ++/**/ ++ 948, + /**/ + 884, + /**/ diff --git a/debian/patches/patch-8.1.1046-the-secure-variable-is-used-inconsistently.patch b/debian/patches/patch-8.1.1046-the-secure-variable-is-used-inconsistently.patch new file mode 100644 index 0000000..bc56542 --- /dev/null +++ b/debian/patches/patch-8.1.1046-the-secure-variable-is-used-inconsistently.patch @@ -0,0 +1,64 @@ +From: Bram Moolenaar <Bram@vim.org> +Date: Sun, 24 Mar 2019 14:02:04 +0100 +Subject: patch 8.1.1046: the "secure" variable is used inconsistently + +Problem: the "secure" variable is used inconsistently. (Justin M. Keyes) +Solution: Set it to one instead of incrementing. + +(cherry picked from commit 82b033eff82d3ed0da77fd5f5a1c023766acabba) + +Signed-off-by: James McCoy <jamessan@debian.org> +--- + src/buffer.c | 2 +- + src/option.c | 9 ++++----- + src/version.c | 2 ++ + 3 files changed, 7 insertions(+), 6 deletions(-) + +diff --git a/src/buffer.c b/src/buffer.c +index 98d505f..2c5c282 100644 +--- a/src/buffer.c ++++ b/src/buffer.c +@@ -5510,7 +5510,7 @@ chk_modeline( + current_sctx.sc_lnum = 0; + #endif + // Make sure no risky things are executed as a side effect. +- ++secure; ++ secure = 1; + + retval = do_set(s, OPT_MODELINE | OPT_LOCAL | flags); + +diff --git a/src/option.c b/src/option.c +index 77d1024..4b6157d 100644 +--- a/src/option.c ++++ b/src/option.c +@@ -5161,13 +5161,12 @@ do_set( + // effects in secure mode. Also when the value was + // set with the P_INSECURE flag and is not + // completely replaced. +- if (secure ++ if ((opt_flags & OPT_MODELINE) + #ifdef HAVE_SANDBOX +- || sandbox != 0 ++ || sandbox != 0 + #endif +- || (opt_flags & OPT_MODELINE) +- || (!value_is_replaced && (*p & P_INSECURE))) +- ++secure; ++ || (!value_is_replaced && (*p & P_INSECURE))) ++ secure = 1; + + // Handle side effects, and set the global value + // for ":set" on local options. Note: when setting +diff --git a/src/version.c b/src/version.c +index b59878e..1a7ffa4 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -791,6 +791,8 @@ static char *(features[]) = + + static int included_patches[] = + { /* Add new patch number below this line */ ++/**/ ++ 1046, + /**/ + 948, + /**/ diff --git a/debian/patches/patch-8.1.1365-source-command-doesn-t-check-for-the-sandb.patch b/debian/patches/patch-8.1.1365-source-command-doesn-t-check-for-the-sandb.patch new file mode 100644 index 0000000..0124ad8 --- /dev/null +++ b/debian/patches/patch-8.1.1365-source-command-doesn-t-check-for-the-sandb.patch @@ -0,0 +1,63 @@ +From: Bram Moolenaar <Bram@vim.org> +Date: Wed, 22 May 2019 22:38:25 +0200 +Subject: patch 8.1.1365: source command doesn't check for the sandbox + +Problem: Source command doesn't check for the sandbox. (Armin Razmjou) +Solution: Check for the sandbox when sourcing a file. + +(cherry picked from commit 53575521406739cf20bbe4e384d88e7dca11f040) + +Signed-off-by: James McCoy <jamessan@debian.org> +--- + src/getchar.c | 6 ++++++ + src/testdir/test_source.vim | 9 +++++++++ + src/version.c | 2 ++ + 3 files changed, 17 insertions(+) + +diff --git a/src/getchar.c b/src/getchar.c +index fe74dbf..3e4c964 100644 +--- a/src/getchar.c ++++ b/src/getchar.c +@@ -1407,6 +1407,12 @@ openscript( + emsg(_(e_nesting)); + return; + } ++ ++ // Disallow sourcing a file in the sandbox, the commands would be executed ++ // later, possibly outside of the sandbox. ++ if (check_secure()) ++ return; ++ + #ifdef FEAT_EVAL + if (ignore_script) + /* Not reading from script, also don't open one. Warning message? */ +diff --git a/src/testdir/test_source.vim b/src/testdir/test_source.vim +index a33d286..5166baf 100644 +--- a/src/testdir/test_source.vim ++++ b/src/testdir/test_source.vim +@@ -36,3 +36,12 @@ func Test_source_cmd() + au! SourcePre + au! SourcePost + endfunc ++ ++func Test_source_sandbox() ++ new ++ call writefile(["Ohello\<Esc>"], 'Xsourcehello') ++ source! Xsourcehello | echo ++ call assert_equal('hello', getline(1)) ++ call assert_fails('sandbox source! Xsourcehello', 'E48:') ++ bwipe! ++endfunc +diff --git a/src/version.c b/src/version.c +index 1a7ffa4..3040409 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -791,6 +791,8 @@ static char *(features[]) = + + static int included_patches[] = + { /* Add new patch number below this line */ ++/**/ ++ 1365, + /**/ + 1046, + /**/ diff --git a/debian/patches/patch-8.1.1366-using-expressions-in-a-modeline-is-unsafe.patch b/debian/patches/patch-8.1.1366-using-expressions-in-a-modeline-is-unsafe.patch new file mode 100644 index 0000000..6918fc7 --- /dev/null +++ b/debian/patches/patch-8.1.1366-using-expressions-in-a-modeline-is-unsafe.patch @@ -0,0 +1,588 @@ +From: Bram Moolenaar <Bram@vim.org> +Date: Thu, 23 May 2019 15:38:06 +0200 +Subject: patch 8.1.1366: using expressions in a modeline is unsafe + +Problem: Using expressions in a modeline is unsafe. +Solution: Disallow using expressions in a modeline, unless the + 'modelineexpr' option is set. Update help, add more tests. + +(cherry picked from commit 110289e78195b6d01e1e6ad26ad450de476d41c1) + +Signed-off-by: James McCoy <jamessan@debian.org> +--- + runtime/doc/options.txt | 69 +++++++++++++++++++++++++++----- + src/option.c | 35 ++++++++++------ + src/option.h | 1 + + src/testdir/test49.in | 2 +- + src/testdir/test_modeline.vim | 93 +++++++++++++++++++++++++++++++++++++++---- + src/version.c | 2 + + 6 files changed, 169 insertions(+), 33 deletions(-) + +diff --git a/runtime/doc/options.txt b/runtime/doc/options.txt +index c269fea..7b25f20 100644 +--- a/runtime/doc/options.txt ++++ b/runtime/doc/options.txt +@@ -1,4 +1,4 @@ +-*options.txt* For Vim version 8.1. Last change: 2019 Feb 03 ++*options.txt* For Vim version 8.1. Last change: 2019 May 23 + + + VIM REFERENCE MANUAL by Bram Moolenaar +@@ -588,14 +588,17 @@ backslash in front of the ':' will be removed. Example: + /* vi:set dir=c\:\tmp: */ ~ + This sets the 'dir' option to "c:\tmp". Only a single backslash before the + ':' is removed. Thus to include "\:" you have to specify "\\:". +- ++ *E992* + No other commands than "set" are supported, for security reasons (somebody + might create a Trojan horse text file with modelines). And not all options +-can be set. For some options a flag is set, so that when it's used the +-|sandbox| is effective. Still, there is always a small risk that a modeline +-causes trouble. E.g., when some joker sets 'textwidth' to 5 all your lines +-are wrapped unexpectedly. So disable modelines before editing untrusted text. +-The mail ftplugin does this, for example. ++can be set. For some options a flag is set, so that when the value is used ++the |sandbox| is effective. Some options can only be set from the modeline ++when 'modelineexpr' is set (the default is off). ++ ++Still, there is always a small risk that a modeline causes trouble. E.g., ++when some joker sets 'textwidth' to 5 all your lines are wrapped unexpectedly. ++So disable modelines before editing untrusted text. The mail ftplugin does ++this, for example. + + Hint: If you would like to do something else than setting an option, you could + define an autocommand that checks the file for a specific string. For +@@ -1189,6 +1192,7 @@ A jump table for the options with a short description can be found at |Q_op|. + + The expression will be evaluated in the |sandbox| when set from a + modeline, see |sandbox-option|. ++ This option cannot be set in a modeline when 'modelineexpr' is off. + + It is not allowed to change text or jump to another window while + evaluating 'balloonexpr' |textlock|. +@@ -3354,7 +3358,7 @@ A jump table for the options with a short description can be found at |Q_op|. + The expression will be evaluated in the |sandbox| if set from a + modeline, see |sandbox-option|. + This option can't be set from a |modeline| when the 'diff' option is +- on. ++ on or the 'modelineexpr' option is off. + + It is not allowed to change text or jump to another window while + evaluating 'foldexpr' |textlock|. +@@ -3496,6 +3500,7 @@ A jump table for the options with a short description can be found at |Q_op|. + + The expression will be evaluated in the |sandbox| if set from a + modeline, see |sandbox-option|. ++ This option cannot be set in a modeline when 'modelineexpr' is off. + + It is not allowed to change text or jump to another window while + evaluating 'foldtext' |textlock|. +@@ -3534,6 +3539,7 @@ A jump table for the options with a short description can be found at |Q_op|. + The expression will be evaluated in the |sandbox| when set from a + modeline, see |sandbox-option|. That stops the option from working, + since changing the buffer text is not allowed. ++ This option cannot be set in a modeline when 'modelineexpr' is off. + NOTE: This option is set to "" when 'compatible' is set. + + *'formatoptions'* *'fo'* +@@ -3594,6 +3600,8 @@ A jump table for the options with a short description can be found at |Q_op|. + Also see 'swapsync' for controlling fsync() on swap files. + 'fsync' also applies to |writefile()|, unless a flag is used to + overrule it. ++ This option cannot be set from a |modeline| or in the |sandbox|, for ++ security reasons. + + *'gdefault'* *'gd'* *'nogdefault'* *'nogd'* + 'gdefault' 'gd' boolean (default off) +@@ -3888,7 +3896,7 @@ A jump table for the options with a short description can be found at |Q_op|. + *'guiheadroom'* *'ghr'* + 'guiheadroom' 'ghr' number (default 50) + global +- {not in Vi} {only for GTK and X11 GUI} ++ {only for GTK and X11 GUI} + The number of pixels subtracted from the screen height when fitting + the GUI window on the screen. Set this before the GUI is started, + e.g., in your |gvimrc| file. When zero, the whole screen height will +@@ -4049,6 +4057,7 @@ A jump table for the options with a short description can be found at |Q_op|. + 'guitabtooltip' is used for the tooltip, see below. + The expression will be evaluated in the |sandbox| when set from a + modeline, see |sandbox-option|. ++ This option cannot be set in a modeline when 'modelineexpr' is off. + + Only used when the GUI tab pages line is displayed. 'e' must be + present in 'guioptions'. For the non-GUI tab pages line 'tabline' is +@@ -4311,6 +4320,7 @@ A jump table for the options with a short description can be found at |Q_op|. + When this option contains printf-style '%' items, they will be + expanded according to the rules used for 'statusline'. See + 'titlestring' for example settings. ++ This option cannot be set in a modeline when 'modelineexpr' is off. + {not available when compiled without the |+statusline| feature} + + *'ignorecase'* *'ic'* *'noignorecase'* *'noic'* +@@ -4331,6 +4341,8 @@ A jump table for the options with a short description can be found at |Q_op|. + This option specifies a function that will be called to + activate or deactivate the Input Method. + It is not used in the GUI. ++ The expression will be evaluated in the |sandbox| when set from a ++ modeline, see |sandbox-option|. + + Example: > + function ImActivateFunc(active) +@@ -4459,6 +4471,8 @@ A jump table for the options with a short description can be found at |Q_op|. + set imstatusfunc=ImStatusFunc + < + NOTE: This function is invoked very often. Keep it fast. ++ The expression will be evaluated in the |sandbox| when set from a ++ modeline, see |sandbox-option|. + + *'imstyle'* *'imst'* + 'imstyle' 'imst' number (default 1) +@@ -4476,6 +4490,8 @@ A jump table for the options with a short description can be found at |Q_op|. + |single-repeat|, etc. Therefore over-the-spot style becomes the + default now. This should work fine for most people, however if you + have any problem with it, try using on-the-spot style. ++ The expression will be evaluated in the |sandbox| when set from a ++ modeline, see |sandbox-option|. + + *'include'* *'inc'* + 'include' 'inc' string (default "^\s*#\s*include") +@@ -4512,6 +4528,7 @@ A jump table for the options with a short description can be found at |Q_op|. + + The expression will be evaluated in the |sandbox| when set from a + modeline, see |sandbox-option|. ++ This option cannot be set in a modeline when 'modelineexpr' is off. + + It is not allowed to change text or jump to another window while + evaluating 'includeexpr' |textlock|. +@@ -4601,6 +4618,7 @@ A jump table for the options with a short description can be found at |Q_op|. + + The expression will be evaluated in the |sandbox| when set from a + modeline, see |sandbox-option|. ++ This option cannot be set in a modeline when 'modelineexpr' is off. + + It is not allowed to change text or jump to another window while + evaluating 'indentexpr' |textlock|. +@@ -5227,6 +5245,12 @@ A jump table for the options with a short description can be found at |Q_op|. + < This option cannot be set from a |modeline| or in the |sandbox|, for + security reasons. + ++ *'makespellmem'* *'msm'* ++'makespellmem' 'msm' string (default "460000,2000,500") ++ global ++ Values relevant only when compressing a spell file, see |spell|. ++ This option cannot be set from a |modeline| or in the |sandbox|. ++ + *'matchpairs'* *'mps'* + 'matchpairs' 'mps' string (default "(:),{:},[:]") + local to buffer +@@ -5250,7 +5274,6 @@ A jump table for the options with a short description can be found at |Q_op|. + *'matchtime'* *'mat'* + 'matchtime' 'mat' number (default 5) + global +- {not in Vi}{in Nvi} + Tenths of a second to show the matching paren, when 'showmatch' is + set. Note that this is not in milliseconds, like other options that + set a time. This is to be compatible with Nvi. +@@ -5394,6 +5417,17 @@ A jump table for the options with a short description can be found at |Q_op|. + 'modeline' 'ml' boolean (Vim default: on (off for root), + Debian: off, Vi default: off) + local to buffer ++ If 'modeline' is on 'modelines' gives the number of lines that is ++ checked for set commands. If 'modeline' is off or 'modelines' is zero ++ no lines are checked. See |modeline|. ++ ++ *'modelineexpr'* *'mle'* *'nomodelineexpr'* *'nomle'* ++'modelineexpr' 'mle' boolean (default: off) ++ global ++ When on allow some options that are an expression to be set in the ++ modeline. Check the option for whether it is affected by ++ 'modelineexpr'. Also see |modeline|. ++ + *'modelines'* *'mls'* + 'modelines' 'mls' number (default 5) + global +@@ -5405,9 +5439,9 @@ A jump table for the options with a short description can be found at |Q_op|. + set and to the Vim default value when 'compatible' is reset. + + *'modifiable'* *'ma'* *'nomodifiable'* *'noma'* ++ *E21* + 'modifiable' 'ma' boolean (default on) + local to buffer +- {not in Vi} *E21* + When off the buffer contents cannot be changed. The 'fileformat' and + 'fileencoding' options also can't be changed. + Can be reset on startup with the |-M| command line argument. +@@ -6456,6 +6490,8 @@ A jump table for the options with a short description can be found at |Q_op|. + When this option is not empty, it determines the content of the ruler + string, as displayed for the 'ruler' option. + The format of this option is like that of 'statusline'. ++ This option cannot be set in a modeline when 'modelineexpr' is off. ++ + The default ruler width is 17 characters. To make the ruler 15 + characters wide, put "%15(" at the start and "%)" at the end. + Example: > +@@ -7016,6 +7052,8 @@ A jump table for the options with a short description can be found at |Q_op|. + q use "recording" instead of "recording @a" + F don't give the file info when editing a file, like `:silent` + was used for the command ++ was used for the command; note that this also affects messages ++ from autocommands + + This gives you the opportunity to avoid that a change between buffers + requires you to hit <Enter>, but still gives as useful a message as +@@ -7600,6 +7638,7 @@ A jump table for the options with a short description can be found at |Q_op|. + + The 'statusline' option will be evaluated in the |sandbox| if set from + a modeline, see |sandbox-option|. ++ This option cannot be set in a modeline when 'modelineexpr' is off. + + It is not allowed to change text or jump to another window while + evaluating 'statusline' |textlock|. +@@ -7786,6 +7825,7 @@ A jump table for the options with a short description can be found at |Q_op|. + + When changing something that is used in 'tabline' that does not + trigger it to be updated, use |:redrawtabline|. ++ This option cannot be set in a modeline when 'modelineexpr' is off. + + Keep in mind that only one of the tab pages is the current one, others + are invisible and you can't jump to their windows. +@@ -8329,8 +8369,11 @@ A jump table for the options with a short description can be found at |Q_op|. + non-empty 't_ts' option). + When Vim was compiled with HAVE_X11 defined, the original title will + be restored if possible, see |X11|. ++ + When this option contains printf-style '%' items, they will be + expanded according to the rules used for 'statusline'. ++ This option cannot be set in a modeline when 'modelineexpr' is off. ++ + Example: > + :auto BufEnter * let &titlestring = hostname() . "/" . expand("%:p") + :set title titlestring=%<%F%=%l/%L-%P titlelen=70 +@@ -8520,6 +8563,8 @@ A jump table for the options with a short description can be found at |Q_op|. + undo file that exists is used. When it cannot be read an error is + given, no further entry is used. + See |undo-persistence|. ++ This option cannot be set from a |modeline| or in the |sandbox|, for ++ security reasons. + + *'undofile'* *'noundofile'* *'udf'* *'noudf'* + 'undofile' 'udf' boolean (default off) +@@ -8843,6 +8888,8 @@ A jump table for the options with a short description can be found at |Q_op|. + When equal to "NONE" no viminfo file will be read or written. + This option can be set with the |-i| command line flag. The |--clean| + command line flag sets it to "NONE". ++ This option cannot be set from a |modeline| or in the |sandbox|, for ++ security reasons. + + *'virtualedit'* *'ve'* + 'virtualedit' 've' string (default "") +diff --git a/src/option.c b/src/option.c +index 4b6157d..e1e89d5 100644 +--- a/src/option.c ++++ b/src/option.c +@@ -462,6 +462,7 @@ struct vimoption + * there is a redraw flag */ + #define P_NDNAME 0x8000000L /* only normal dir name chars allowed */ + #define P_RWINONLY 0x10000000L /* only redraw current window */ ++#define P_MLE 0x20000000L /* under control of 'modelineexpr' */ + + #define ISK_LATIN1 (char_u *)"@,48-57,_,192-255" + +@@ -649,7 +650,7 @@ static struct vimoption options[] = + {(char_u *)0L, (char_u *)0L} + #endif + SCTX_INIT}, +- {"balloonexpr", "bexpr", P_STRING|P_ALLOCED|P_VI_DEF|P_VIM, ++ {"balloonexpr", "bexpr", P_STRING|P_ALLOCED|P_VI_DEF|P_VIM|P_MLE, + #if defined(FEAT_BEVAL) && defined(FEAT_EVAL) + (char_u *)&p_bexpr, PV_BEXPR, + {(char_u *)"", (char_u *)0L} +@@ -726,7 +727,7 @@ static struct vimoption options[] = + (char_u *)&p_cmp, PV_NONE, + {(char_u *)"internal,keepascii", (char_u *)0L} + SCTX_INIT}, +- {"cdpath", "cd", P_STRING|P_EXPAND|P_VI_DEF|P_COMMA|P_NODUP, ++ {"cdpath", "cd", P_STRING|P_EXPAND|P_VI_DEF|P_SECURE|P_COMMA|P_NODUP, + #ifdef FEAT_SEARCHPATH + (char_u *)&p_cdpath, PV_NONE, + {(char_u *)",,", (char_u *)0L} +@@ -1178,7 +1179,7 @@ static struct vimoption options[] = + {(char_u *)NULL, (char_u *)0L} + #endif + SCTX_INIT}, +- {"foldexpr", "fde", P_STRING|P_ALLOCED|P_VIM|P_VI_DEF|P_RWIN, ++ {"foldexpr", "fde", P_STRING|P_ALLOCED|P_VIM|P_VI_DEF|P_RWIN|P_MLE, + #if defined(FEAT_FOLDING) && defined(FEAT_EVAL) + (char_u *)VAR_WIN, PV_FDE, + {(char_u *)"0", (char_u *)NULL} +@@ -1261,7 +1262,7 @@ static struct vimoption options[] = + {(char_u *)NULL, (char_u *)0L} + #endif + SCTX_INIT}, +- {"foldtext", "fdt", P_STRING|P_ALLOCED|P_VIM|P_VI_DEF|P_RWIN, ++ {"foldtext", "fdt", P_STRING|P_ALLOCED|P_VIM|P_VI_DEF|P_RWIN|P_MLE, + #if defined(FEAT_FOLDING) && defined(FEAT_EVAL) + (char_u *)VAR_WIN, PV_FDT, + {(char_u *)"foldtext()", (char_u *)NULL} +@@ -1270,7 +1271,7 @@ static struct vimoption options[] = + {(char_u *)NULL, (char_u *)0L} + #endif + SCTX_INIT}, +- {"formatexpr", "fex", P_STRING|P_ALLOCED|P_VI_DEF|P_VIM, ++ {"formatexpr", "fex", P_STRING|P_ALLOCED|P_VI_DEF|P_VIM|P_MLE, + #ifdef FEAT_EVAL + (char_u *)&p_fex, PV_FEX, + {(char_u *)"", (char_u *)0L} +@@ -1409,7 +1410,7 @@ static struct vimoption options[] = + (char_u *)NULL, PV_NONE, + #endif + {(char_u *)TRUE, (char_u *)0L} SCTX_INIT}, +- {"guitablabel", "gtl", P_STRING|P_VI_DEF|P_RWIN, ++ {"guitablabel", "gtl", P_STRING|P_VI_DEF|P_RWIN|P_MLE, + #if defined(FEAT_GUI_TABLINE) + (char_u *)&p_gtl, PV_NONE, + {(char_u *)"", (char_u *)0L} +@@ -1480,7 +1481,7 @@ static struct vimoption options[] = + (char_u *)NULL, PV_NONE, + #endif + {(char_u *)FALSE, (char_u *)0L} SCTX_INIT}, +- {"iconstring", NULL, P_STRING|P_VI_DEF, ++ {"iconstring", NULL, P_STRING|P_VI_DEF|P_MLE, + #ifdef FEAT_TITLE + (char_u *)&p_iconstring, PV_NONE, + #else +@@ -1552,7 +1553,7 @@ static struct vimoption options[] = + {(char_u *)0L, (char_u *)0L} + #endif + SCTX_INIT}, +- {"includeexpr", "inex", P_STRING|P_ALLOCED|P_VI_DEF, ++ {"includeexpr", "inex", P_STRING|P_ALLOCED|P_VI_DEF|P_MLE, + #if defined(FEAT_FIND_ID) && defined(FEAT_EVAL) + (char_u *)&p_inex, PV_INEX, + {(char_u *)"", (char_u *)0L} +@@ -1564,7 +1565,7 @@ static struct vimoption options[] = + {"incsearch", "is", P_BOOL|P_VI_DEF|P_VIM, + (char_u *)&p_is, PV_NONE, + {(char_u *)FALSE, (char_u *)0L} SCTX_INIT}, +- {"indentexpr", "inde", P_STRING|P_ALLOCED|P_VI_DEF|P_VIM, ++ {"indentexpr", "inde", P_STRING|P_ALLOCED|P_VI_DEF|P_VIM|P_MLE, + #if defined(FEAT_CINDENT) && defined(FEAT_EVAL) + (char_u *)&p_inde, PV_INDE, + {(char_u *)"", (char_u *)0L} +@@ -1891,6 +1892,9 @@ static struct vimoption options[] = + {"modeline", "ml", P_BOOL|P_VIM, + (char_u *)&p_ml, PV_ML, + {(char_u *)FALSE, (char_u *)TRUE} SCTX_INIT}, ++ {"modelineexpr", "mle", P_BOOL|P_VI_DEF, ++ (char_u *)&p_mle, PV_NONE, ++ {(char_u *)FALSE, (char_u *)0L} SCTX_INIT}, + {"modelines", "mls", P_NUM|P_VI_DEF, + (char_u *)&p_mls, PV_NONE, + {(char_u *)5L, (char_u *)0L} SCTX_INIT}, +@@ -2314,7 +2318,7 @@ static struct vimoption options[] = + (char_u *)NULL, PV_NONE, + #endif + {(char_u *)FALSE, (char_u *)0L} SCTX_INIT}, +- {"rulerformat", "ruf", P_STRING|P_VI_DEF|P_ALLOCED|P_RSTAT, ++ {"rulerformat", "ruf", P_STRING|P_VI_DEF|P_ALLOCED|P_RSTAT|P_MLE, + #ifdef FEAT_STL_OPT + (char_u *)&p_ruf, PV_NONE, + #else +@@ -2580,7 +2584,7 @@ static struct vimoption options[] = + {"startofline", "sol", P_BOOL|P_VI_DEF|P_VIM, + (char_u *)&p_sol, PV_NONE, + {(char_u *)TRUE, (char_u *)0L} SCTX_INIT}, +- {"statusline" ,"stl", P_STRING|P_VI_DEF|P_ALLOCED|P_RSTAT, ++ {"statusline" ,"stl", P_STRING|P_VI_DEF|P_ALLOCED|P_RSTAT|P_MLE, + #ifdef FEAT_STL_OPT + (char_u *)&p_stl, PV_STL, + #else +@@ -2627,7 +2631,7 @@ static struct vimoption options[] = + {(char_u *)0L, (char_u *)0L} + #endif + SCTX_INIT}, +- {"tabline", "tal", P_STRING|P_VI_DEF|P_RALL, ++ {"tabline", "tal", P_STRING|P_VI_DEF|P_RALL|P_MLE, + #ifdef FEAT_STL_OPT + (char_u *)&p_tal, PV_NONE, + #else +@@ -2796,7 +2800,7 @@ static struct vimoption options[] = + {(char_u *)0L, (char_u *)0L} + #endif + SCTX_INIT}, +- {"titlestring", NULL, P_STRING|P_VI_DEF, ++ {"titlestring", NULL, P_STRING|P_VI_DEF|P_MLE, + #ifdef FEAT_TITLE + (char_u *)&p_titlestring, PV_NONE, + #else +@@ -4542,6 +4546,11 @@ do_set( + errmsg = _("E520: Not allowed in a modeline"); + goto skip; + } ++ if ((flags & P_MLE) && !p_mle) ++ { ++ errmsg = _("E992: Not allowed in a modeline when 'modelineexpr' is off"); ++ goto skip; ++ } + #ifdef FEAT_DIFF + /* In diff mode some options are overruled. This avoids that + * 'foldmethod' becomes "marker" instead of "diff" and that +diff --git a/src/option.h b/src/option.h +index 2985781..1cef928 100644 +--- a/src/option.h ++++ b/src/option.h +@@ -640,6 +640,7 @@ EXTERN long p_mis; /* 'menuitems' */ + #ifdef FEAT_SPELL + EXTERN char_u *p_msm; /* 'mkspellmem' */ + #endif ++EXTERN long p_mle; /* 'modelineexpr' */ + EXTERN long p_mls; /* 'modelines' */ + EXTERN char_u *p_mouse; /* 'mouse' */ + #ifdef FEAT_GUI +diff --git a/src/testdir/test49.in b/src/testdir/test49.in +index 79f13f6..a0c9e0d 100644 +--- a/src/testdir/test49.in ++++ b/src/testdir/test49.in +@@ -5,7 +5,7 @@ test49.failed, try to add one or more "G"s at the line ending in "test.out" + + STARTTEST + :so small.vim +-:se nocp nomore viminfo+=nviminfo ++:se nocp nomore viminfo+=nviminfo modelineexpr + :lang mess C + :so test49.vim + :" Go back to this file and append the results from register r. +diff --git a/src/testdir/test_modeline.vim b/src/testdir/test_modeline.vim +index e0f97c4..101116c 100644 +--- a/src/testdir/test_modeline.vim ++++ b/src/testdir/test_modeline.vim +@@ -60,14 +60,17 @@ func Test_modeline_keymap() + set keymap= iminsert=0 imsearch=-1 + endfunc + +-func s:modeline_fails(what, text) ++func s:modeline_fails(what, text, error) ++ if !exists('+' . a:what) ++ return ++ endif + let fname = "Xmodeline_fails_" . a:what + call writefile(['vim: set ' . a:text . ' :', 'nothing'], fname) + let modeline = &modeline + set modeline + filetype plugin on + syntax enable +- call assert_fails('split ' . fname, 'E474:') ++ call assert_fails('split ' . fname, a:error) + call assert_equal("", &filetype) + call assert_equal("", &syntax) + +@@ -79,16 +82,90 @@ func s:modeline_fails(what, text) + endfunc + + func Test_modeline_filetype_fails() +- call s:modeline_fails('filetype', 'ft=evil$CMD') ++ call s:modeline_fails('filetype', 'ft=evil$CMD', 'E474:') + endfunc + + func Test_modeline_syntax_fails() +- call s:modeline_fails('syntax', 'syn=evil$CMD') ++ call s:modeline_fails('syntax', 'syn=evil$CMD', 'E474:') + endfunc + + func Test_modeline_keymap_fails() +- if !has('keymap') +- return +- endif +- call s:modeline_fails('keymap', 'keymap=evil$CMD') ++ call s:modeline_fails('keymap', 'keymap=evil$CMD', 'E474:') ++endfunc ++ ++func Test_modeline_fails_always() ++ call s:modeline_fails('backupdir', 'backupdir=Something()', 'E520:') ++ call s:modeline_fails('cdpath', 'cdpath=Something()', 'E520:') ++ call s:modeline_fails('charconvert', 'charconvert=Something()', 'E520:') ++ call s:modeline_fails('completefunc', 'completefunc=Something()', 'E520:') ++ call s:modeline_fails('cscopeprg', 'cscopeprg=Something()', 'E520:') ++ call s:modeline_fails('diffexpr', 'diffexpr=Something()', 'E520:') ++ call s:modeline_fails('directory', 'directory=Something()', 'E520:') ++ call s:modeline_fails('equalprg', 'equalprg=Something()', 'E520:') ++ call s:modeline_fails('errorfile', 'errorfile=Something()', 'E520:') ++ call s:modeline_fails('exrc', 'exrc=Something()', 'E520:') ++ call s:modeline_fails('formatprg', 'formatprg=Something()', 'E520:') ++ call s:modeline_fails('fsync', 'fsync=Something()', 'E520:') ++ call s:modeline_fails('grepprg', 'grepprg=Something()', 'E520:') ++ call s:modeline_fails('helpfile', 'helpfile=Something()', 'E520:') ++ call s:modeline_fails('imactivatefunc', 'imactivatefunc=Something()', 'E520:') ++ call s:modeline_fails('imstatusfunc', 'imstatusfunc=Something()', 'E520:') ++ call s:modeline_fails('imstyle', 'imstyle=Something()', 'E520:') ++ call s:modeline_fails('keywordprg', 'keywordprg=Something()', 'E520:') ++ call s:modeline_fails('langmap', 'langmap=Something()', 'E520:') ++ call s:modeline_fails('luadll', 'luadll=Something()', 'E520:') ++ call s:modeline_fails('makeef', 'makeef=Something()', 'E520:') ++ call s:modeline_fails('makeprg', 'makeprg=Something()', 'E520:') ++ call s:modeline_fails('makespellmem', 'makespellmem=Something()', 'E520:') ++ call s:modeline_fails('mzschemedll', 'mzschemedll=Something()', 'E520:') ++ call s:modeline_fails('mzschemegcdll', 'mzschemegcdll=Something()', 'E520:') ++ call s:modeline_fails('omnifunc', 'omnifunc=Something()', 'E520:') ++ call s:modeline_fails('operatorfunc', 'operatorfunc=Something()', 'E520:') ++ call s:modeline_fails('perldll', 'perldll=Something()', 'E520:') ++ call s:modeline_fails('printdevice', 'printdevice=Something()', 'E520:') ++ call s:modeline_fails('patchexpr', 'patchexpr=Something()', 'E520:') ++ call s:modeline_fails('printexpr', 'printexpr=Something()', 'E520:') ++ call s:modeline_fails('pythondll', 'pythondll=Something()', 'E520:') ++ call s:modeline_fails('pythonhome', 'pythondll=Something()', 'E520:') ++ call s:modeline_fails('pythonthreedll', 'pythonthreedll=Something()', 'E520:') ++ call s:modeline_fails('pythonthreehome', 'pythonthreehome=Something()', 'E520:') ++ call s:modeline_fails('pyxversion', 'pyxversion=Something()', 'E520:') ++ call s:modeline_fails('rubydll', 'rubydll=Something()', 'E520:') ++ call s:modeline_fails('runtimepath', 'runtimepath=Something()', 'E520:') ++ call s:modeline_fails('secure', 'secure=Something()', 'E520:') ++ call s:modeline_fails('shell', 'shell=Something()', 'E520:') ++ call s:modeline_fails('shellcmdflag', 'shellcmdflag=Something()', 'E520:') ++ call s:modeline_fails('shellpipe', 'shellpipe=Something()', 'E520:') ++ call s:modeline_fails('shellquote', 'shellquote=Something()', 'E520:') ++ call s:modeline_fails('shellredir', 'shellredir=Something()', 'E520:') ++ call s:modeline_fails('shellxquote', 'shellxquote=Something()', 'E520:') ++ call s:modeline_fails('spellfile', 'spellfile=Something()', 'E520:') ++ call s:modeline_fails('spellsuggest', 'spellsuggest=Something()', 'E520:') ++ call s:modeline_fails('tcldll', 'tcldll=Something()', 'E520:') ++ call s:modeline_fails('titleold', 'titleold=Something()', 'E520:') ++ call s:modeline_fails('viewdir', 'viewdir=Something()', 'E520:') ++ call s:modeline_fails('viminfo', 'viminfo=Something()', 'E520:') ++ call s:modeline_fails('viminfofile', 'viminfofile=Something()', 'E520:') ++ call s:modeline_fails('winptydll', 'winptydll=Something()', 'E520:') ++ call s:modeline_fails('undodir', 'undodir=Something()', 'E520:') ++ " only check a few terminal options ++ call s:modeline_fails('t_AB', 't_AB=Something()', 'E520:') ++ call s:modeline_fails('t_ce', 't_ce=Something()', 'E520:') ++ call s:modeline_fails('t_sr', 't_sr=Something()', 'E520:') ++ call s:modeline_fails('t_8b', 't_8b=Something()', 'E520:') ++endfunc ++ ++func Test_modeline_fails_modelineexpr() ++ call s:modeline_fails('balloonexpr', 'balloonexpr=Something()', 'E992:') ++ call s:modeline_fails('foldexpr', 'foldexpr=Something()', 'E992:') ++ call s:modeline_fails('foldtext', 'foldtext=Something()', 'E992:') ++ call s:modeline_fails('formatexpr', 'formatexpr=Something()', 'E992:') ++ call s:modeline_fails('guitablabel', 'guitablabel=Something()', 'E992:') ++ call s:modeline_fails('iconstring', 'iconstring=Something()', 'E992:') ++ call s:modeline_fails('includeexpr', 'includeexpr=Something()', 'E992:') ++ call s:modeline_fails('indentexpr', 'indentexpr=Something()', 'E992:') ++ call s:modeline_fails('rulerformat', 'rulerformat=Something()', 'E992:') ++ call s:modeline_fails('statusline', 'statusline=Something()', 'E992:') ++ call s:modeline_fails('tabline', 'tabline=Something()', 'E992:') ++ call s:modeline_fails('titlestring', 'titlestring=Something()', 'E992:') + endfunc +diff --git a/src/version.c b/src/version.c +index 3040409..2cbc426 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -791,6 +791,8 @@ static char *(features[]) = + + static int included_patches[] = + { /* Add new patch number below this line */ ++/**/ ++ 1366, + /**/ + 1365, + /**/ diff --git a/debian/patches/patch-8.1.1367-can-set-modelineexpr-in-modeline.patch b/debian/patches/patch-8.1.1367-can-set-modelineexpr-in-modeline.patch new file mode 100644 index 0000000..fd94f36 --- /dev/null +++ b/debian/patches/patch-8.1.1367-can-set-modelineexpr-in-modeline.patch @@ -0,0 +1,54 @@ +From: Bram Moolenaar <Bram@vim.org> +Date: Thu, 23 May 2019 17:08:49 +0200 +Subject: patch 8.1.1367: can set 'modelineexpr' in modeline + +Problem: can set 'modelineexpr' in modeline. +Solution: Add P_SECURE flag. + +(cherry picked from commit 7e800c6047c8a9cc3e5cbc019a4dc91ec36616b1) + +Signed-off-by: James McCoy <jamessan@debian.org> +--- + src/option.c | 2 +- + src/testdir/test_modeline.vim | 1 + + src/version.c | 2 ++ + 3 files changed, 4 insertions(+), 1 deletion(-) + +diff --git a/src/option.c b/src/option.c +index e1e89d5..e3f5f5d 100644 +--- a/src/option.c ++++ b/src/option.c +@@ -1892,7 +1892,7 @@ static struct vimoption options[] = + {"modeline", "ml", P_BOOL|P_VIM, + (char_u *)&p_ml, PV_ML, + {(char_u *)FALSE, (char_u *)TRUE} SCTX_INIT}, +- {"modelineexpr", "mle", P_BOOL|P_VI_DEF, ++ {"modelineexpr", "mle", P_BOOL|P_VI_DEF|P_SECURE, + (char_u *)&p_mle, PV_NONE, + {(char_u *)FALSE, (char_u *)0L} SCTX_INIT}, + {"modelines", "mls", P_NUM|P_VI_DEF, +diff --git a/src/testdir/test_modeline.vim b/src/testdir/test_modeline.vim +index 101116c..89c06ba 100644 +--- a/src/testdir/test_modeline.vim ++++ b/src/testdir/test_modeline.vim +@@ -119,6 +119,7 @@ func Test_modeline_fails_always() + call s:modeline_fails('makespellmem', 'makespellmem=Something()', 'E520:') + call s:modeline_fails('mzschemedll', 'mzschemedll=Something()', 'E520:') + call s:modeline_fails('mzschemegcdll', 'mzschemegcdll=Something()', 'E520:') ++ call s:modeline_fails('modelineexpr', 'modelineexpr', 'E520:') + call s:modeline_fails('omnifunc', 'omnifunc=Something()', 'E520:') + call s:modeline_fails('operatorfunc', 'operatorfunc=Something()', 'E520:') + call s:modeline_fails('perldll', 'perldll=Something()', 'E520:') +diff --git a/src/version.c b/src/version.c +index 2cbc426..0ce8831 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -791,6 +791,8 @@ static char *(features[]) = + + static int included_patches[] = + { /* Add new patch number below this line */ ++/**/ ++ 1367, + /**/ + 1366, + /**/ diff --git a/debian/patches/patch-8.1.1368-modeline-test-fails-with-python-but-withou.patch b/debian/patches/patch-8.1.1368-modeline-test-fails-with-python-but-withou.patch new file mode 100644 index 0000000..36bbbe9 --- /dev/null +++ b/debian/patches/patch-8.1.1368-modeline-test-fails-with-python-but-withou.patch @@ -0,0 +1,42 @@ +From: Bram Moolenaar <Bram@vim.org> +Date: Thu, 23 May 2019 17:35:55 +0200 +Subject: patch 8.1.1368: modeline test fails with python but without + pythonhome + +Problem: Modeline test fails with python but without pythonhome. +Solution: Correct test argument. + +(cherry picked from commit e09244ee3567d658c293fb1ae0d47a1a8be870ac) + +Signed-off-by: James McCoy <jamessan@debian.org> +--- + src/testdir/test_modeline.vim | 2 +- + src/version.c | 2 ++ + 2 files changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/testdir/test_modeline.vim b/src/testdir/test_modeline.vim +index 89c06ba..7251036 100644 +--- a/src/testdir/test_modeline.vim ++++ b/src/testdir/test_modeline.vim +@@ -127,7 +127,7 @@ func Test_modeline_fails_always() + call s:modeline_fails('patchexpr', 'patchexpr=Something()', 'E520:') + call s:modeline_fails('printexpr', 'printexpr=Something()', 'E520:') + call s:modeline_fails('pythondll', 'pythondll=Something()', 'E520:') +- call s:modeline_fails('pythonhome', 'pythondll=Something()', 'E520:') ++ call s:modeline_fails('pythonhome', 'pythonhome=Something()', 'E520:') + call s:modeline_fails('pythonthreedll', 'pythonthreedll=Something()', 'E520:') + call s:modeline_fails('pythonthreehome', 'pythonthreehome=Something()', 'E520:') + call s:modeline_fails('pyxversion', 'pyxversion=Something()', 'E520:') +diff --git a/src/version.c b/src/version.c +index 0ce8831..90acd77 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -791,6 +791,8 @@ static char *(features[]) = + + static int included_patches[] = + { /* Add new patch number below this line */ ++/**/ ++ 1368, + /**/ + 1367, + /**/ diff --git a/debian/patches/patch-8.1.1382-error-when-editing-test-file.patch b/debian/patches/patch-8.1.1382-error-when-editing-test-file.patch new file mode 100644 index 0000000..114c2a4 --- /dev/null +++ b/debian/patches/patch-8.1.1382-error-when-editing-test-file.patch @@ -0,0 +1,71 @@ +From: Bram Moolenaar <Bram@vim.org> +Date: Fri, 24 May 2019 17:33:01 +0200 +Subject: patch 8.1.1382: error when editing test file + +Problem: Error when editing test file. +Solution: Remove part of modeline. + +(cherry picked from commit 3020a87cb121123abf1e9a1eca0eddac241fc481) + +Signed-off-by: James McCoy <jamessan@debian.org> +--- + src/testdir/test49.in | 2 +- + src/testdir/test49.vim | 3 +-- + src/testdir/test_vimscript.vim | 1 - + src/version.c | 2 ++ + 4 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/src/testdir/test49.in b/src/testdir/test49.in +index a0c9e0d..79f13f6 100644 +--- a/src/testdir/test49.in ++++ b/src/testdir/test49.in +@@ -5,7 +5,7 @@ test49.failed, try to add one or more "G"s at the line ending in "test.out" + + STARTTEST + :so small.vim +-:se nocp nomore viminfo+=nviminfo modelineexpr ++:se nocp nomore viminfo+=nviminfo + :lang mess C + :so test49.vim + :" Go back to this file and append the results from register r. +diff --git a/src/testdir/test49.vim b/src/testdir/test49.vim +index 97088f0..7393ec4 100644 +--- a/src/testdir/test49.vim ++++ b/src/testdir/test49.vim +@@ -1,6 +1,6 @@ + " Vim script language tests + " Author: Servatius Brandt <Servatius.Brandt@fujitsu-siemens.com> +-" Last Change: 2019 Jan 13 ++" Last Change: 2019 May 24 + + "------------------------------------------------------------------------------- + " Test environment {{{1 +@@ -9005,5 +9005,4 @@ Xcheck 50443995 + "------------------------------------------------------------------------------- + " Modelines {{{1 + " vim: ts=8 sw=4 tw=80 fdm=marker +-" vim: fdt=substitute(substitute(foldtext(),\ '\\%(^+--\\)\\@<=\\(\\s*\\)\\(.\\{-}\\)\:\ \\%(\"\ \\)\\=\\(Test\ \\d*\\)\:\\s*',\ '\\3\ (\\2)\:\ \\1',\ \"\"),\ '\\(Test\\s*\\)\\(\\d\\)\\D\\@=',\ '\\1\ \\2',\ "") + "------------------------------------------------------------------------------- +diff --git a/src/testdir/test_vimscript.vim b/src/testdir/test_vimscript.vim +index 9de0a62..24379ed 100644 +--- a/src/testdir/test_vimscript.vim ++++ b/src/testdir/test_vimscript.vim +@@ -1444,5 +1444,4 @@ endfunc + "------------------------------------------------------------------------------- + " Modelines {{{1 + " vim: ts=8 sw=4 tw=80 fdm=marker +-" vim: fdt=substitute(substitute(foldtext(),\ '\\%(^+--\\)\\@<=\\(\\s*\\)\\(.\\{-}\\)\:\ \\%(\"\ \\)\\=\\(Test\ \\d*\\)\:\\s*',\ '\\3\ (\\2)\:\ \\1',\ \"\"),\ '\\(Test\\s*\\)\\(\\d\\)\\D\\@=',\ '\\1\ \\2',\ "") + "------------------------------------------------------------------------------- +diff --git a/src/version.c b/src/version.c +index 90acd77..a0ca945 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -791,6 +791,8 @@ static char *(features[]) = + + static int included_patches[] = + { /* Add new patch number below this line */ ++/**/ ++ 1382, + /**/ + 1368, + /**/ diff --git a/debian/patches/patch-8.1.1401-misspelled-mkspellmem-as-makespellmem.patch b/debian/patches/patch-8.1.1401-misspelled-mkspellmem-as-makespellmem.patch new file mode 100644 index 0000000..5f422ac --- /dev/null +++ b/debian/patches/patch-8.1.1401-misspelled-mkspellmem-as-makespellmem.patch @@ -0,0 +1,69 @@ +From: Bram Moolenaar <Bram@vim.org> +Date: Sun, 26 May 2019 19:20:43 +0200 +Subject: patch 8.1.1401: misspelled mkspellmem as makespellmem + +Problem: Misspelled mkspellmem as makespellmem. +Solution: Drop duplicate help entry, fix test. (Naruhiko Nishino, Ken + Takata, closes #4437) + +(cherry picked from commit 076073950c44ea0e35bc39d539dc7ab41bf9c7ec) + +Signed-off-by: James McCoy <jamessan@debian.org> +--- + runtime/doc/options.txt | 8 ++------ + src/testdir/test_modeline.vim | 2 +- + src/version.c | 2 ++ + 3 files changed, 5 insertions(+), 7 deletions(-) + +diff --git a/runtime/doc/options.txt b/runtime/doc/options.txt +index 7b25f20..4ab87db 100644 +--- a/runtime/doc/options.txt ++++ b/runtime/doc/options.txt +@@ -5245,12 +5245,6 @@ A jump table for the options with a short description can be found at |Q_op|. + < This option cannot be set from a |modeline| or in the |sandbox|, for + security reasons. + +- *'makespellmem'* *'msm'* +-'makespellmem' 'msm' string (default "460000,2000,500") +- global +- Values relevant only when compressing a spell file, see |spell|. +- This option cannot be set from a |modeline| or in the |sandbox|. +- + *'matchpairs'* *'mps'* + 'matchpairs' 'mps' string (default "(:),{:},[:]") + local to buffer +@@ -5413,6 +5407,8 @@ A jump table for the options with a short description can be found at |Q_op|. + < If you have less than 512 Mbyte |:mkspell| may fail for some + languages, no matter what you set 'mkspellmem' to. + ++ This option cannot be set from a |modeline| or in the |sandbox|. ++ + *'modeline'* *'ml'* *'nomodeline'* *'noml'* + 'modeline' 'ml' boolean (Vim default: on (off for root), + Debian: off, Vi default: off) +diff --git a/src/testdir/test_modeline.vim b/src/testdir/test_modeline.vim +index 7251036..b5513d5 100644 +--- a/src/testdir/test_modeline.vim ++++ b/src/testdir/test_modeline.vim +@@ -116,7 +116,7 @@ func Test_modeline_fails_always() + call s:modeline_fails('luadll', 'luadll=Something()', 'E520:') + call s:modeline_fails('makeef', 'makeef=Something()', 'E520:') + call s:modeline_fails('makeprg', 'makeprg=Something()', 'E520:') +- call s:modeline_fails('makespellmem', 'makespellmem=Something()', 'E520:') ++ call s:modeline_fails('mkspellmem', 'mkspellmem=Something()', 'E520:') + call s:modeline_fails('mzschemedll', 'mzschemedll=Something()', 'E520:') + call s:modeline_fails('mzschemegcdll', 'mzschemegcdll=Something()', 'E520:') + call s:modeline_fails('modelineexpr', 'modelineexpr', 'E520:') +diff --git a/src/version.c b/src/version.c +index a0ca945..1b5d863 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -791,6 +791,8 @@ static char *(features[]) = + + static int included_patches[] = + { /* Add new patch number below this line */ ++/**/ ++ 1401, + /**/ + 1382, + /**/ diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 0000000..9a8f88a --- /dev/null +++ b/debian/patches/series @@ -0,0 +1,23 @@ +upstream/Support-defining-compilation-date-in-SOURCE_DATE_EPOCH.patch +debian/Support-sourcing-a-vimrc.tiny-when-Vim-is-invoked-as-vi.patch +debian/Detect-the-rst-filetype-using-the-contents-of-the-file.patch +debian/Add-recognition-of-more-LaTeX-commands-for-tex-filetype-d.patch +debian/Document-Debian-s-decision-to-disable-modelines-by-defaul.patch +patch-8.1.0878-test-for-has-bsd-fails-on-some-BSD-systems.patch +patch-8.1.0884-double-check-for-bsd-systems.patch +patch-8.1.0948-when-built-without-eval-Vim-clean-produces.patch +upstream/deb-release-names.patch +patch-8.1.1046-the-secure-variable-is-used-inconsistently.patch +patch-8.1.1365-source-command-doesn-t-check-for-the-sandb.patch +patch-8.1.1366-using-expressions-in-a-modeline-is-unsafe.patch +patch-8.1.1367-can-set-modelineexpr-in-modeline.patch +patch-8.1.1368-modeline-test-fails-with-python-but-withou.patch +patch-8.1.1382-error-when-editing-test-file.patch +patch-8.1.1401-misspelled-mkspellmem-as-makespellmem.patch +upstream/patch-8.1.0881-can-execute-shell-commands-in-rvim-through.patch +upstream/patch-8.1.0883-missing-some-changes-for-Ex-commands.patch +upstream/patch-8.1.0936-may-leak-memory-when-using-vartabstop.patch +upstream/patch-8.2.3402-invalid-memory-access-when-using-retab-wit.patch +upstream/patch-8.2.3403-memory-leak-for-retab-with-invalid-argumen.patch +upstream/patch-8.2.3409-reading-beyond-end-of-line-with-invalid-ut.patch +upstream/patch-8.2.3428-using-freed-memory-when-replacing.patch diff --git a/debian/patches/upstream/Support-defining-compilation-date-in-SOURCE_DATE_EPOCH.patch b/debian/patches/upstream/Support-defining-compilation-date-in-SOURCE_DATE_EPOCH.patch new file mode 100644 index 0000000..f26c02a --- /dev/null +++ b/debian/patches/upstream/Support-defining-compilation-date-in-SOURCE_DATE_EPOCH.patch @@ -0,0 +1,89 @@ +From: James McCoy <jamessan@jamessan.com> +Date: Thu, 28 Jan 2016 10:55:11 -0500 +Subject: Support defining compilation date in $SOURCE_DATE_EPOCH + +There is an ongoing effort[0] to make FOSS software reproducibly +buildable. In order to make Vim build reproducibly, it is necessary to +allow defining the date/time that is part of VIM_VERSION_LONG as part of +the build process. + +This commit enables that by adding support for the SOURCE_DATE_EPOCH +spec[1]. When the $SOURCE_DATE_EPOCH environment variable is defined, +it will be used to populate the BUILD_DATE preprocessor define. + +If BUILD_DATE is not defined, the existing behavior of relying on the +preprocessor's __DATE__/__TIME__ symbols will be used. + +[0]: https://reproducible-builds.org/ +[1]: https://reproducible-builds.org/specs/source-date-epoch/ +--- + src/config.h.in | 3 +++ + src/configure.ac | 10 ++++++++++ + src/version.c | 8 ++++++++ + 3 files changed, 21 insertions(+) + +diff --git a/src/config.h.in b/src/config.h.in +index d1aaf70..78cf319 100644 +--- a/src/config.h.in ++++ b/src/config.h.in +@@ -30,6 +30,9 @@ + /* Define when __DATE__ " " __TIME__ can be used */ + #undef HAVE_DATE_TIME + ++/* Defined as the date of last modification */ ++#undef BUILD_DATE ++ + /* Define when __attribute__((unused)) can be used */ + #undef HAVE_ATTRIBUTE_UNUSED + +diff --git a/src/configure.ac b/src/configure.ac +index 2b7725b..21ca7a1 100644 +--- a/src/configure.ac ++++ b/src/configure.ac +@@ -62,6 +62,16 @@ if test x"$ac_cv_prog_cc_c99" != xno; then + fi + fi + ++dnl If $SOURCE_DATE_EPOCH is present in the environment, use that as the ++dnl "compiled" timestamp in :version's output. Attempt to get the formatted ++dnl date using GNU date syntax, BSD date syntax, and finally falling back to ++dnl just using the current time. ++if test -n "$SOURCE_DATE_EPOCH"; then ++ DATE_FMT="%b %d %Y %H:%M:%S" ++ BUILD_DATE=$(LC_ALL=C date -u -d "@$SOURCE_DATE_EPOCH" "+$DATE_FMT" 2>/dev/null || LC_ALL=C date -u -r "$SOURCE_DATE_EPOCH" "+$DATE_FMT" 2>/dev/null || LC_ALL=C date -u "+$DATE_FMT") ++ AC_DEFINE_UNQUOTED(BUILD_DATE, ["$BUILD_DATE"]) ++fi ++ + dnl Check for the flag that fails if stuff are missing. + + AC_MSG_CHECKING(--enable-fail-if-missing argument) +diff --git a/src/version.c b/src/version.c +index 9b2e7c9..0b86826 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -44,9 +44,13 @@ init_longVersion(void) + * VAX C can't catenate strings in the preprocessor. + */ + strcpy(longVersion, VIM_VERSION_LONG_DATE); ++#ifdef BUILD_DATE ++ strcat(longVersion, BUILD_DATE); ++#else + strcat(longVersion, __DATE__); + strcat(longVersion, " "); + strcat(longVersion, __TIME__); ++#endif + strcat(longVersion, ")"); + } + +@@ -54,7 +58,11 @@ init_longVersion(void) + void + init_longVersion(void) + { ++#ifdef BUILD_DATE ++ char *date_time = BUILD_DATE; ++#else + char *date_time = __DATE__ " " __TIME__; ++#endif + char *msg = _("%s (%s, compiled %s)"); + size_t len = strlen(msg) + + strlen(VIM_VERSION_LONG_ONLY) diff --git a/debian/patches/upstream/deb-release-names.patch b/debian/patches/upstream/deb-release-names.patch new file mode 100644 index 0000000..42b72dd --- /dev/null +++ b/debian/patches/upstream/deb-release-names.patch @@ -0,0 +1,58 @@ +From: James McCoy <jamessan@debian.org> +Date: Sun, 21 Apr 2019 23:12:18 -0400 +Subject: Add Ubuntu's eoan and Debian's buster, bullseye, bookworm releases + +Signed-off-by: James McCoy <jamessan@debian.org> +--- + runtime/syntax/debchangelog.vim | 4 ++-- + runtime/syntax/debsources.vim | 7 ++++--- + 2 files changed, 6 insertions(+), 5 deletions(-) + +diff --git a/runtime/syntax/debchangelog.vim b/runtime/syntax/debchangelog.vim +index 4ca4c29..9d6dfe9 100644 +--- a/runtime/syntax/debchangelog.vim ++++ b/runtime/syntax/debchangelog.vim +@@ -3,7 +3,7 @@ + " Maintainer: Debian Vim Maintainers + " Former Maintainers: Gerfried Fuchs <alfie@ist.org> + " Wichert Akkerman <wakkerma@debian.org> +-" Last Change: 2019 Jan 26 ++" Last Change: 2019 Apr 21 + " URL: https://salsa.debian.org/vim-team/vim-debian/blob/master/syntax/debchangelog.vim + + " Standard syntax initialization +@@ -21,7 +21,7 @@ let s:binNMU='binary-only=yes' + syn match debchangelogName contained "^[[:alnum:]][[:alnum:].+-]\+ " + exe 'syn match debchangelogFirstKV contained "; \('.s:urgency.'\|'.s:binNMU.'\)"' + exe 'syn match debchangelogOtherKV contained ", \('.s:urgency.'\|'.s:binNMU.'\)"' +-syn match debchangelogTarget contained "\v %(frozen|unstable|sid|%(testing|%(old)=stable)%(-proposed-updates|-security)=|experimental|squeeze-%(backports%(-sloppy)=|volatile|lts|security)|%(wheezy|jessie)%(-backports%(-sloppy)=|-security)=|stretch%(-backports|-security)=|%(devel|precise|trusty|vivid|wily|xenial|yakkety|zesty|artful|bionic|cosmic|disco)%(-%(security|proposed|updates|backports|commercial|partner))=)+" ++syn match debchangelogTarget contained "\v %(frozen|unstable|sid|%(testing|%(old)=stable)%(-proposed-updates|-security)=|experimental|%(squeeze|wheezy|jessie)-%(backports%(-sloppy)=|lts|security)|stretch%(-backports%(-sloppy)=|-security)=|buster%(-backports|-security)=|bullseye|%(devel|precise|trusty|vivid|wily|xenial|yakkety|zesty|artful|bionic|cosmic|disco|eoan)%(-%(security|proposed|updates|backports|commercial|partner))=)+" + syn match debchangelogVersion contained "(.\{-})" + syn match debchangelogCloses contained "closes:\_s*\(bug\)\=#\=\_s\=\d\+\(,\_s*\(bug\)\=#\=\_s\=\d\+\)*" + syn match debchangelogLP contained "\clp:\s\+#\d\+\(,\s*#\d\+\)*" +diff --git a/runtime/syntax/debsources.vim b/runtime/syntax/debsources.vim +index 4b21941..f90476f 100644 +--- a/runtime/syntax/debsources.vim ++++ b/runtime/syntax/debsources.vim +@@ -2,7 +2,7 @@ + " Language: Debian sources.list + " Maintainer: Debian Vim Maintainers + " Former Maintainer: Matthijs Mohlmann <matthijs@cacholong.nl> +-" Last Change: 2018 Oct 30 ++" Last Change: 2019 Apr 21 + " URL: https://salsa.debian.org/vim-team/vim-debian/blob/master/syntax/debsources.vim + + " Standard syntax initialization +@@ -23,9 +23,10 @@ let s:cpo = &cpo + set cpo-=C + let s:supported = [ + \ 'oldstable', 'stable', 'testing', 'unstable', 'experimental', +- \ 'wheezy', 'jessie', 'stretch', 'sid', 'rc-buggy', ++ \ 'wheezy', 'jessie', 'stretch', 'buster', 'bullseye', 'bookworm', ++ \ 'sid', 'rc-buggy', + \ +- \ 'trusty', 'xenial', 'bionic', 'cosmic', 'disco', 'devel' ++ \ 'trusty', 'xenial', 'bionic', 'cosmic', 'disco', 'eoan', 'devel' + \ ] + let s:unsupported = [ + \ 'buzz', 'rex', 'bo', 'hamm', 'slink', 'potato', diff --git a/debian/patches/upstream/patch-8.1.0881-can-execute-shell-commands-in-rvim-through.patch b/debian/patches/upstream/patch-8.1.0881-can-execute-shell-commands-in-rvim-through.patch new file mode 100644 index 0000000..01e9ad7 --- /dev/null +++ b/debian/patches/upstream/patch-8.1.0881-can-execute-shell-commands-in-rvim-through.patch @@ -0,0 +1,378 @@ +From: Bram Moolenaar <Bram@vim.org> +Date: Fri, 8 Feb 2019 14:34:10 +0100 +Subject: patch 8.1.0881: can execute shell commands in rvim through + interfaces + +Problem: Can execute shell commands in rvim through interfaces. +Solution: Disable using interfaces in restricted mode. Allow for writing + file with writefile(), histadd() and a few others. +(cherry picked from commit 8c62a08faf89663e5633dc5036cd8695c80f1075) +--- + runtime/doc/starting.txt | 14 ++++-- + src/evalfunc.c | 22 +++++++-- + src/ex_cmds.c | 2 +- + src/ex_docmd.c | 7 ++- + src/if_perl.xs | 13 ++--- + src/testdir/Make_all.mak | 2 + + src/testdir/test_restricted.vim | 107 ++++++++++++++++++++++++++++++++++++++++ + src/version.c | 2 + + 8 files changed, 151 insertions(+), 18 deletions(-) + create mode 100644 src/testdir/test_restricted.vim + +diff --git a/runtime/doc/starting.txt b/runtime/doc/starting.txt +index 711a487..6289e9c 100644 +--- a/runtime/doc/starting.txt ++++ b/runtime/doc/starting.txt +@@ -248,12 +248,18 @@ a slash. Thus "-R" means recovery and "-/R" readonly. + changes and writing. + {not in Vi} + +- *-Z* *restricted-mode* *E145* ++ *-Z* *restricted-mode* *E145* *E981* + -Z Restricted mode. All commands that make use of an external + shell are disabled. This includes suspending with CTRL-Z, +- ":sh", filtering, the system() function, backtick expansion, +- delete(), rename(), mkdir(), writefile(), libcall(), +- job_start(), etc. ++ ":sh", filtering, the system() function, backtick expansion ++ and libcall(). ++ Also disallowed are delete(), rename(), mkdir(), job_start(), ++ etc. ++ Interfaces, such as Python, Ruby and Lua, are also disabled, ++ since they could be used to execute shell commands. Perl uses ++ the Safe module. ++ Note that the user may still find a loophole to execute a ++ shell command, it has only been made difficult. + {not in Vi} + + *-g* +diff --git a/src/evalfunc.c b/src/evalfunc.c +index fa7ed9b..eb082b7 100644 +--- a/src/evalfunc.c ++++ b/src/evalfunc.c +@@ -6817,7 +6817,7 @@ f_histadd(typval_T *argvars UNUSED, typval_T *rettv) + #endif + + rettv->vval.v_number = FALSE; +- if (check_restricted() || check_secure()) ++ if (check_secure()) + return; + #ifdef FEAT_CMDHIST + str = tv_get_string_chk(&argvars[0]); /* NULL on type error */ +@@ -7898,6 +7898,9 @@ f_luaeval(typval_T *argvars, typval_T *rettv) + char_u *str; + char_u buf[NUMBUFLEN]; + ++ if (check_restricted() || check_secure()) ++ return; ++ + str = tv_get_string_buf(&argvars[0], buf); + do_luaeval(str, argvars + 1, rettv); + } +@@ -8644,6 +8647,8 @@ f_mzeval(typval_T *argvars, typval_T *rettv) + char_u *str; + char_u buf[NUMBUFLEN]; + ++ if (check_restricted() || check_secure()) ++ return; + str = tv_get_string_buf(&argvars[0], buf); + do_mzeval(str, rettv); + } +@@ -8932,6 +8937,9 @@ f_py3eval(typval_T *argvars, typval_T *rettv) + char_u *str; + char_u buf[NUMBUFLEN]; + ++ if (check_restricted() || check_secure()) ++ return; ++ + if (p_pyx == 0) + p_pyx = 3; + +@@ -8950,6 +8958,9 @@ f_pyeval(typval_T *argvars, typval_T *rettv) + char_u *str; + char_u buf[NUMBUFLEN]; + ++ if (check_restricted() || check_secure()) ++ return; ++ + if (p_pyx == 0) + p_pyx = 2; + +@@ -8965,6 +8976,9 @@ f_pyeval(typval_T *argvars, typval_T *rettv) + static void + f_pyxeval(typval_T *argvars, typval_T *rettv) + { ++ if (check_restricted() || check_secure()) ++ return; ++ + # if defined(FEAT_PYTHON) && defined(FEAT_PYTHON3) + init_pyxversion(); + if (p_pyx == 2) +@@ -10819,7 +10833,7 @@ f_setbufvar(typval_T *argvars, typval_T *rettv UNUSED) + typval_T *varp; + char_u nbuf[NUMBUFLEN]; + +- if (check_restricted() || check_secure()) ++ if (check_secure()) + return; + (void)tv_get_number(&argvars[0]); /* issue errmsg if type error */ + varname = tv_get_string_chk(&argvars[1]); +@@ -11341,7 +11355,7 @@ f_settabvar(typval_T *argvars, typval_T *rettv) + + rettv->vval.v_number = 0; + +- if (check_restricted() || check_secure()) ++ if (check_secure()) + return; + + tp = find_tabpage((int)tv_get_number_chk(&argvars[0], NULL)); +@@ -14714,7 +14728,7 @@ f_writefile(typval_T *argvars, typval_T *rettv) + blob_T *blob = NULL; + + rettv->vval.v_number = -1; +- if (check_restricted() || check_secure()) ++ if (check_secure()) + return; + + if (argvars[0].v_type == VAR_LIST) +diff --git a/src/ex_cmds.c b/src/ex_cmds.c +index a3974c1..681ef42 100644 +--- a/src/ex_cmds.c ++++ b/src/ex_cmds.c +@@ -4775,7 +4775,7 @@ check_restricted(void) + { + if (restricted) + { +- emsg(_("E145: Shell commands not allowed in rvim")); ++ emsg(_("E145: Shell commands and some functionality not allowed in rvim")); + return TRUE; + } + return FALSE; +diff --git a/src/ex_docmd.c b/src/ex_docmd.c +index b90ea7b..ccca2f9 100644 +--- a/src/ex_docmd.c ++++ b/src/ex_docmd.c +@@ -2007,11 +2007,16 @@ do_one_cmd( + #ifdef HAVE_SANDBOX + if (sandbox != 0 && !(ea.argt & SBOXOK)) + { +- /* Command not allowed in sandbox. */ ++ // Command not allowed in sandbox. + errormsg = _(e_sandbox); + goto doend; + } + #endif ++ if (restricted != 0 && (ea.argt & RESTRICT)) ++ { ++ errormsg = _("E981: Command not allowed in rvim"); ++ goto doend; ++ } + if (!curbuf->b_p_ma && (ea.argt & MODIFY)) + { + /* Command not allowed in non-'modifiable' buffer */ +diff --git a/src/if_perl.xs b/src/if_perl.xs +index 203bb6a..67d0b94 100644 +--- a/src/if_perl.xs ++++ b/src/if_perl.xs +@@ -971,6 +971,7 @@ VIM_init(void) + #ifdef DYNAMIC_PERL + static char *e_noperl = N_("Sorry, this command is disabled: the Perl library could not be loaded."); + #endif ++static char *e_perlsandbox = N_("E299: Perl evaluation forbidden in sandbox without the Safe module"); + + /* + * ":perl" +@@ -1019,13 +1020,12 @@ ex_perl(exarg_T *eap) + vim_free(script); + } + +-#ifdef HAVE_SANDBOX +- if (sandbox) ++ if (sandbox || secure) + { + safe = perl_get_sv("VIM::safe", FALSE); + # ifndef MAKE_TEST /* avoid a warning for unreachable code */ + if (safe == NULL || !SvTRUE(safe)) +- emsg(_("E299: Perl evaluation forbidden in sandbox without the Safe module")); ++ emsg(_(e_perlsandbox)); + else + # endif + { +@@ -1037,7 +1037,6 @@ ex_perl(exarg_T *eap) + } + } + else +-#endif + perl_eval_sv(sv, G_DISCARD | G_NOARGS); + + SvREFCNT_dec(sv); +@@ -1298,13 +1297,12 @@ do_perleval(char_u *str, typval_T *rettv) + ENTER; + SAVETMPS; + +-#ifdef HAVE_SANDBOX +- if (sandbox) ++ if (sandbox || secure) + { + safe = get_sv("VIM::safe", FALSE); + # ifndef MAKE_TEST /* avoid a warning for unreachable code */ + if (safe == NULL || !SvTRUE(safe)) +- emsg(_("E299: Perl evaluation forbidden in sandbox without the Safe module")); ++ emsg(_(e_perlsandbox)); + else + # endif + { +@@ -1320,7 +1318,6 @@ do_perleval(char_u *str, typval_T *rettv) + } + } + else +-#endif /* HAVE_SANDBOX */ + sv = eval_pv((char *)str, 0); + + if (sv) { +diff --git a/src/testdir/Make_all.mak b/src/testdir/Make_all.mak +index 5857a22..2ca5f2b 100644 +--- a/src/testdir/Make_all.mak ++++ b/src/testdir/Make_all.mak +@@ -213,6 +213,7 @@ NEW_TESTS = \ + test_regexp_utf8 \ + test_registers \ + test_reltime \ ++ test_restricted \ + test_retab \ + test_ruby \ + test_scriptnames \ +@@ -375,6 +376,7 @@ NEW_TESTS_RES = \ + test_quotestar.res \ + test_regex_char_classes.res \ + test_registers.res \ ++ test_restricted.res \ + test_retab.res \ + test_ruby.res \ + test_scriptnames.res \ +diff --git a/src/testdir/test_restricted.vim b/src/testdir/test_restricted.vim +new file mode 100644 +index 0000000..9dd937c +--- /dev/null ++++ b/src/testdir/test_restricted.vim +@@ -0,0 +1,107 @@ ++" Test for "rvim" or "vim -Z" ++ ++source shared.vim ++ ++func Test_restricted() ++ let cmd = GetVimCommand('Xrestricted') ++ if cmd == '' ++ return ++ endif ++ ++ call writefile([ ++ \ "silent !ls", ++ \ "call writefile([v:errmsg], 'Xrestrout')", ++ \ "qa!", ++ \ ], 'Xrestricted') ++ call system(cmd . ' -Z') ++ call assert_match('E145:', join(readfile('Xrestrout'))) ++ ++ call delete('Xrestricted') ++ call delete('Xrestrout') ++endfunc ++ ++func Run_restricted_test(ex_cmd, error) ++ let cmd = GetVimCommand('Xrestricted') ++ if cmd == '' ++ return ++ endif ++ ++ call writefile([ ++ \ a:ex_cmd, ++ \ "call writefile([v:errmsg], 'Xrestrout')", ++ \ "qa!", ++ \ ], 'Xrestricted') ++ call system(cmd . ' -Z') ++ call assert_match(a:error, join(readfile('Xrestrout'))) ++ ++ call delete('Xrestricted') ++ call delete('Xrestrout') ++endfunc ++ ++func Test_restricted_lua() ++ if !has('lua') ++ throw 'Skipped: Lua is not supported' ++ endif ++ call Run_restricted_test('lua print("Hello, Vim!")', 'E981:') ++ call Run_restricted_test('luado return "hello"', 'E981:') ++ call Run_restricted_test('luafile somefile', 'E981:') ++ call Run_restricted_test('call luaeval("expression")', 'E145:') ++endfunc ++ ++func Test_restricted_mzscheme() ++ if !has('mzscheme') ++ throw 'Skipped: MzScheme is not supported' ++ endif ++ call Run_restricted_test('mzscheme statement', 'E981:') ++ call Run_restricted_test('mzfile somefile', 'E981:') ++ call Run_restricted_test('call mzeval("expression")', 'E145:') ++endfunc ++ ++func Test_restricted_perl() ++ if !has('perl') ++ throw 'Skipped: Perl is not supported' ++ endif ++ " TODO: how to make Safe mode fail? ++ " call Run_restricted_test('perl system("ls")', 'E981:') ++ " call Run_restricted_test('perldo system("hello")', 'E981:') ++ " call Run_restricted_test('perlfile somefile', 'E981:') ++ " call Run_restricted_test('call perleval("system(\"ls\")")', 'E145:') ++endfunc ++ ++func Test_restricted_python() ++ if !has('python') ++ throw 'Skipped: Python is not supported' ++ endif ++ call Run_restricted_test('python print "hello"', 'E981:') ++ call Run_restricted_test('pydo return "hello"', 'E981:') ++ call Run_restricted_test('pyfile somefile', 'E981:') ++ call Run_restricted_test('call pyeval("expression")', 'E145:') ++endfunc ++ ++func Test_restricted_python3() ++ if !has('python3') ++ throw 'Skipped: Python3 is not supported' ++ endif ++ call Run_restricted_test('py3 print "hello"', 'E981:') ++ call Run_restricted_test('py3do return "hello"', 'E981:') ++ call Run_restricted_test('py3file somefile', 'E981:') ++ call Run_restricted_test('call py3eval("expression")', 'E145:') ++endfunc ++ ++func Test_restricted_ruby() ++ if !has('ruby') ++ throw 'Skipped: Ruby is not supported' ++ endif ++ call Run_restricted_test('ruby print "Hello"', 'E981:') ++ call Run_restricted_test('rubydo print "Hello"', 'E981:') ++ call Run_restricted_test('rubyfile somefile', 'E981:') ++endfunc ++ ++func Test_restricted_tcl() ++ if !has('tcl') ++ throw 'Skipped: Tcl is not supported' ++ endif ++ call Run_restricted_test('tcl puts "Hello"', 'E981:') ++ call Run_restricted_test('tcldo puts "Hello"', 'E981:') ++ call Run_restricted_test('tclfile somefile', 'E981:') ++endfunc +diff --git a/src/version.c b/src/version.c +index 1b5d863..adb3441 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -809,6 +809,8 @@ static int included_patches[] = + 948, + /**/ + 884, ++/**/ ++ 881, + /**/ + 878, + /**/ diff --git a/debian/patches/upstream/patch-8.1.0883-missing-some-changes-for-Ex-commands.patch b/debian/patches/upstream/patch-8.1.0883-missing-some-changes-for-Ex-commands.patch new file mode 100644 index 0000000..6f2d6eb --- /dev/null +++ b/debian/patches/upstream/patch-8.1.0883-missing-some-changes-for-Ex-commands.patch @@ -0,0 +1,150 @@ +From: Bram Moolenaar <Bram@vim.org> +Date: Fri, 8 Feb 2019 16:50:26 +0100 +Subject: patch 8.1.0883: missing some changes for Ex commands + +Problem: Missing some changes for Ex commands. +Solution: Add mising changes in header file. +(cherry picked from commit 54d6fe5e60c0c488a424c078963ead40ae7dc397) +--- + src/ex_cmds.h | 45 +++++++++++++++++++++++---------------------- + src/version.c | 2 ++ + 2 files changed, 25 insertions(+), 22 deletions(-) + +diff --git a/src/ex_cmds.h b/src/ex_cmds.h +index 07afb00..eed4ce2 100644 +--- a/src/ex_cmds.h ++++ b/src/ex_cmds.h +@@ -57,6 +57,7 @@ + * curbuf_lock is set */ + #define MODIFY 0x200000L /* forbidden in non-'modifiable' buffer */ + #define EXFLAGS 0x400000L /* allow flags after count in argument */ ++#define RESTRICT 0x800000L /* forbidden in restricted mode */ + #define FILES (XFILE | EXTRA) /* multiple extra files allowed */ + #define WORD1 (EXTRA | NOSPC) /* one extra word allowed */ + #define FILE1 (FILES | NOSPC) /* 1 file allowed, defaults to current file */ +@@ -861,13 +862,13 @@ EX(CMD_lunmap, "lunmap", ex_unmap, + EXTRA|TRLBAR|NOTRLCOM|USECTRLV|CMDWIN, + ADDR_LINES), + EX(CMD_lua, "lua", ex_lua, +- RANGE|EXTRA|NEEDARG|CMDWIN, ++ RANGE|EXTRA|NEEDARG|CMDWIN|RESTRICT, + ADDR_LINES), + EX(CMD_luado, "luado", ex_luado, +- RANGE|DFLALL|EXTRA|NEEDARG|CMDWIN, ++ RANGE|DFLALL|EXTRA|NEEDARG|CMDWIN|RESTRICT, + ADDR_LINES), + EX(CMD_luafile, "luafile", ex_luafile, +- RANGE|FILE1|NEEDARG|CMDWIN, ++ RANGE|FILE1|NEEDARG|CMDWIN|RESTRICT, + ADDR_LINES), + EX(CMD_lvimgrep, "lvimgrep", ex_vimgrep, + RANGE|NOTADR|BANG|NEEDARG|EXTRA|NOTRLCOM|TRLBAR|XFILE, +@@ -930,10 +931,10 @@ EX(CMD_mode, "mode", ex_mode, + WORD1|TRLBAR|CMDWIN, + ADDR_LINES), + EX(CMD_mzscheme, "mzscheme", ex_mzscheme, +- RANGE|EXTRA|DFLALL|NEEDARG|CMDWIN|SBOXOK, ++ RANGE|EXTRA|DFLALL|NEEDARG|CMDWIN|SBOXOK|RESTRICT, + ADDR_LINES), + EX(CMD_mzfile, "mzfile", ex_mzfile, +- RANGE|FILE1|NEEDARG|CMDWIN, ++ RANGE|FILE1|NEEDARG|CMDWIN|RESTRICT, + ADDR_LINES), + EX(CMD_next, "next", ex_next, + RANGE|NOTADR|BANG|FILES|EDITCMD|ARGOPT|TRLBAR, +@@ -1116,37 +1117,37 @@ EX(CMD_pwd, "pwd", ex_pwd, + TRLBAR|CMDWIN, + ADDR_LINES), + EX(CMD_python, "python", ex_python, +- RANGE|EXTRA|NEEDARG|CMDWIN, ++ RANGE|EXTRA|NEEDARG|CMDWIN|RESTRICT, + ADDR_LINES), + EX(CMD_pydo, "pydo", ex_pydo, +- RANGE|DFLALL|EXTRA|NEEDARG|CMDWIN, ++ RANGE|DFLALL|EXTRA|NEEDARG|CMDWIN|RESTRICT, + ADDR_LINES), + EX(CMD_pyfile, "pyfile", ex_pyfile, +- RANGE|FILE1|NEEDARG|CMDWIN, ++ RANGE|FILE1|NEEDARG|CMDWIN|RESTRICT, + ADDR_LINES), + EX(CMD_py3, "py3", ex_py3, +- RANGE|EXTRA|NEEDARG|CMDWIN, ++ RANGE|EXTRA|NEEDARG|CMDWIN|RESTRICT, + ADDR_LINES), + EX(CMD_py3do, "py3do", ex_py3do, +- RANGE|DFLALL|EXTRA|NEEDARG|CMDWIN, ++ RANGE|DFLALL|EXTRA|NEEDARG|CMDWIN|RESTRICT, + ADDR_LINES), + EX(CMD_python3, "python3", ex_py3, +- RANGE|EXTRA|NEEDARG|CMDWIN, ++ RANGE|EXTRA|NEEDARG|CMDWIN|RESTRICT, + ADDR_LINES), + EX(CMD_py3file, "py3file", ex_py3file, +- RANGE|FILE1|NEEDARG|CMDWIN, ++ RANGE|FILE1|NEEDARG|CMDWIN|RESTRICT, + ADDR_LINES), + EX(CMD_pyx, "pyx", ex_pyx, +- RANGE|EXTRA|NEEDARG|CMDWIN, ++ RANGE|EXTRA|NEEDARG|CMDWIN|RESTRICT, + ADDR_LINES), + EX(CMD_pyxdo, "pyxdo", ex_pyxdo, +- RANGE|DFLALL|EXTRA|NEEDARG|CMDWIN, ++ RANGE|DFLALL|EXTRA|NEEDARG|CMDWIN|RESTRICT, + ADDR_LINES), + EX(CMD_pythonx, "pythonx", ex_pyx, +- RANGE|EXTRA|NEEDARG|CMDWIN, ++ RANGE|EXTRA|NEEDARG|CMDWIN|RESTRICT, + ADDR_LINES), + EX(CMD_pyxfile, "pyxfile", ex_pyxfile, +- RANGE|FILE1|NEEDARG|CMDWIN, ++ RANGE|FILE1|NEEDARG|CMDWIN|RESTRICT, + ADDR_LINES), + EX(CMD_quit, "quit", ex_quit, + BANG|RANGE|COUNT|NOTADR|TRLBAR|CMDWIN, +@@ -1203,13 +1204,13 @@ EX(CMD_runtime, "runtime", ex_runtime, + BANG|NEEDARG|FILES|TRLBAR|SBOXOK|CMDWIN, + ADDR_LINES), + EX(CMD_ruby, "ruby", ex_ruby, +- RANGE|EXTRA|NEEDARG|CMDWIN, ++ RANGE|EXTRA|NEEDARG|CMDWIN|RESTRICT, + ADDR_LINES), + EX(CMD_rubydo, "rubydo", ex_rubydo, +- RANGE|DFLALL|EXTRA|NEEDARG|CMDWIN, ++ RANGE|DFLALL|EXTRA|NEEDARG|CMDWIN|RESTRICT, + ADDR_LINES), + EX(CMD_rubyfile, "rubyfile", ex_rubyfile, +- RANGE|FILE1|NEEDARG|CMDWIN, ++ RANGE|FILE1|NEEDARG|CMDWIN|RESTRICT, + ADDR_LINES), + EX(CMD_rundo, "rundo", ex_rundo, + NEEDARG|FILE1, +@@ -1476,13 +1477,13 @@ EX(CMD_tabs, "tabs", ex_tabs, + TRLBAR|CMDWIN, + ADDR_TABS), + EX(CMD_tcl, "tcl", ex_tcl, +- RANGE|EXTRA|NEEDARG|CMDWIN, ++ RANGE|EXTRA|NEEDARG|CMDWIN|RESTRICT, + ADDR_LINES), + EX(CMD_tcldo, "tcldo", ex_tcldo, +- RANGE|DFLALL|EXTRA|NEEDARG|CMDWIN, ++ RANGE|DFLALL|EXTRA|NEEDARG|CMDWIN|RESTRICT, + ADDR_LINES), + EX(CMD_tclfile, "tclfile", ex_tclfile, +- RANGE|FILE1|NEEDARG|CMDWIN, ++ RANGE|FILE1|NEEDARG|CMDWIN|RESTRICT, + ADDR_LINES), + EX(CMD_tearoff, "tearoff", ex_tearoff, + NEEDARG|EXTRA|TRLBAR|NOTRLCOM|CMDWIN, +diff --git a/src/version.c b/src/version.c +index adb3441..6d29f39 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -809,6 +809,8 @@ static int included_patches[] = + 948, + /**/ + 884, ++/**/ ++ 883, + /**/ + 881, + /**/ diff --git a/debian/patches/upstream/patch-8.1.0936-may-leak-memory-when-using-vartabstop.patch b/debian/patches/upstream/patch-8.1.0936-may-leak-memory-when-using-vartabstop.patch new file mode 100644 index 0000000..8d1eebc --- /dev/null +++ b/debian/patches/upstream/patch-8.1.0936-may-leak-memory-when-using-vartabstop.patch @@ -0,0 +1,95 @@ +From: Bram Moolenaar <Bram@vim.org> +Date: Sat, 16 Feb 2019 19:05:11 +0100 +Subject: patch 8.1.0936: may leak memory when using 'vartabstop' + +Problem: May leak memory when using 'vartabstop'. (Kuang-che Wu) +Solution: Fix handling allocated memory for 'vartabstop'. (closes #3976) +(cherry picked from commit 55c77cf2ea9c15e1ec75d1faf702ec3c9e325271) +--- + src/buffer.c | 4 +--- + src/option.c | 13 +++++++++---- + src/version.c | 2 ++ + 3 files changed, 12 insertions(+), 7 deletions(-) + +diff --git a/src/buffer.c b/src/buffer.c +index 2c5c282..590a63c 100644 +--- a/src/buffer.c ++++ b/src/buffer.c +@@ -2170,9 +2170,7 @@ free_buf_options( + vim_free(buf->b_p_vsts_array); + buf->b_p_vsts_array = NULL; + clear_string_option(&buf->b_p_vts); +- if (buf->b_p_vts_array) +- vim_free(buf->b_p_vts_array); +- buf->b_p_vts_array = NULL; ++ VIM_CLEAR(buf->b_p_vts_array); + #endif + #ifdef FEAT_KEYMAP + clear_string_option(&buf->b_p_keymap); +diff --git a/src/option.c b/src/option.c +index e3f5f5d..4d067c0 100644 +--- a/src/option.c ++++ b/src/option.c +@@ -5611,7 +5611,9 @@ didset_options2(void) + (void)check_clipboard_option(); + #endif + #ifdef FEAT_VARTABS ++ vim_free(curbuf->b_p_vsts_array); + tabstop_set(curbuf->b_p_vsts, &curbuf->b_p_vsts_array); ++ vim_free(curbuf->b_p_vts_array); + tabstop_set(curbuf->b_p_vts, &curbuf->b_p_vts_array); + #endif + } +@@ -7587,14 +7589,14 @@ did_set_string_option( + if (errmsg == NULL) + { + int *oldarray = curbuf->b_p_vts_array; ++ + if (tabstop_set(*varp, &(curbuf->b_p_vts_array))) + { +- if (oldarray) +- vim_free(oldarray); ++ vim_free(oldarray); + #ifdef FEAT_FOLDING + if (foldmethodIsIndent(curwin)) + foldUpdateAll(curwin); +-#endif /* FEAT_FOLDING */ ++#endif + } + else + errmsg = e_invarg; +@@ -12800,10 +12802,11 @@ check_ff_value(char_u *p) + return check_opt_strings(p, p_ff_values, FALSE); + } + +-#ifdef FEAT_VARTABS ++#if defined(FEAT_VARTABS) || defined(PROTO) + + /* + * Set the integer values corresponding to the string setting of 'vartabstop'. ++ * "array" will be set, caller must free it if needed. + */ + int + tabstop_set(char_u *var, int **array) +@@ -12846,6 +12849,8 @@ tabstop_set(char_u *var, int **array) + } + + *array = (int *)alloc((unsigned) ((valcount + 1) * sizeof(int))); ++ if (*array == NULL) ++ return FALSE; + (*array)[0] = valcount; + + t = 1; +diff --git a/src/version.c b/src/version.c +index 6d29f39..6bac28e 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -807,6 +807,8 @@ static int included_patches[] = + 1046, + /**/ + 948, ++/**/ ++ 936, + /**/ + 884, + /**/ diff --git a/debian/patches/upstream/patch-8.2.3402-invalid-memory-access-when-using-retab-wit.patch b/debian/patches/upstream/patch-8.2.3402-invalid-memory-access-when-using-retab-wit.patch new file mode 100644 index 0000000..ca826e0 --- /dev/null +++ b/debian/patches/upstream/patch-8.2.3402-invalid-memory-access-when-using-retab-wit.patch @@ -0,0 +1,196 @@ +From: Bram Moolenaar <Bram@vim.org> +Date: Sat, 4 Sep 2021 18:47:28 +0200 +Subject: patch 8.2.3402: invalid memory access when using :retab with large + value + +Problem: Invalid memory access when using :retab with large value. +Solution: Check the number is positive. +(cherry picked from commit b7081e135a16091c93f6f5f7525a5c58fb7ca9f9) +--- + src/ex_cmds.c | 2 +- + src/option.c | 46 +++++++++++++++++++++++++++------------------- + src/testdir/test_retab.vim | 3 +++ + src/version.c | 1 + + 4 files changed, 32 insertions(+), 20 deletions(-) + +diff --git a/src/ex_cmds.c b/src/ex_cmds.c +index 681ef42..08d71e4 100644 +--- a/src/ex_cmds.c ++++ b/src/ex_cmds.c +@@ -698,7 +698,7 @@ ex_retab(exarg_T *eap) + + #ifdef FEAT_VARTABS + new_ts_str = eap->arg; +- if (!tabstop_set(eap->arg, &new_vts_array)) ++ if (tabstop_set(eap->arg, &new_vts_array) == FAIL) + return; + while (vim_isdigit(*(eap->arg)) || *(eap->arg) == ',') + ++(eap->arg); +diff --git a/src/option.c b/src/option.c +index 4d067c0..3ebd443 100644 +--- a/src/option.c ++++ b/src/option.c +@@ -5612,9 +5612,9 @@ didset_options2(void) + #endif + #ifdef FEAT_VARTABS + vim_free(curbuf->b_p_vsts_array); +- tabstop_set(curbuf->b_p_vsts, &curbuf->b_p_vsts_array); ++ (void)tabstop_set(curbuf->b_p_vsts, &curbuf->b_p_vsts_array); + vim_free(curbuf->b_p_vts_array); +- tabstop_set(curbuf->b_p_vts, &curbuf->b_p_vts_array); ++ (void)tabstop_set(curbuf->b_p_vts, &curbuf->b_p_vts_array); + #endif + } + +@@ -7551,7 +7551,7 @@ did_set_string_option( + if (errmsg == NULL) + { + int *oldarray = curbuf->b_p_vsts_array; +- if (tabstop_set(*varp, &(curbuf->b_p_vsts_array))) ++ if (tabstop_set(*varp, &(curbuf->b_p_vsts_array)) == OK) + { + if (oldarray) + vim_free(oldarray); +@@ -7590,7 +7590,7 @@ did_set_string_option( + { + int *oldarray = curbuf->b_p_vts_array; + +- if (tabstop_set(*varp, &(curbuf->b_p_vts_array))) ++ if (tabstop_set(*varp, &(curbuf->b_p_vts_array)) == OK) + { + vim_free(oldarray); + #ifdef FEAT_FOLDING +@@ -11395,7 +11395,7 @@ buf_copy_options(buf_T *buf, int flags) + #ifdef FEAT_VARTABS + buf->b_p_vsts = vim_strsave(p_vsts); + if (p_vsts && p_vsts != empty_option) +- tabstop_set(p_vsts, &buf->b_p_vsts_array); ++ (void)tabstop_set(p_vsts, &buf->b_p_vsts_array); + else + buf->b_p_vsts_array = 0; + buf->b_p_vsts_nopaste = p_vsts_nopaste +@@ -11524,7 +11524,7 @@ buf_copy_options(buf_T *buf, int flags) + buf->b_p_isk = save_p_isk; + #ifdef FEAT_VARTABS + if (p_vts && p_vts != empty_option && !buf->b_p_vts_array) +- tabstop_set(p_vts, &buf->b_p_vts_array); ++ (void)tabstop_set(p_vts, &buf->b_p_vts_array); + else + buf->b_p_vts_array = NULL; + #endif +@@ -11537,7 +11537,7 @@ buf_copy_options(buf_T *buf, int flags) + #ifdef FEAT_VARTABS + buf->b_p_vts = vim_strsave(p_vts); + if (p_vts && p_vts != empty_option && !buf->b_p_vts_array) +- tabstop_set(p_vts, &buf->b_p_vts_array); ++ (void)tabstop_set(p_vts, &buf->b_p_vts_array); + else + buf->b_p_vts_array = NULL; + #endif +@@ -12435,7 +12435,7 @@ paste_option_changed(void) + if (buf->b_p_vsts_array) + vim_free(buf->b_p_vsts_array); + if (buf->b_p_vsts && buf->b_p_vsts != empty_option) +- tabstop_set(buf->b_p_vsts, &buf->b_p_vsts_array); ++ (void)tabstop_set(buf->b_p_vsts, &buf->b_p_vsts_array); + else + buf->b_p_vsts_array = 0; + #endif +@@ -12807,18 +12807,19 @@ check_ff_value(char_u *p) + /* + * Set the integer values corresponding to the string setting of 'vartabstop'. + * "array" will be set, caller must free it if needed. ++ * Return FAIL for an error. + */ + int + tabstop_set(char_u *var, int **array) + { +- int valcount = 1; +- int t; +- char_u *cp; ++ int valcount = 1; ++ int t; ++ char_u *cp; + + if (var[0] == NUL || (var[0] == '0' && var[1] == NUL)) + { + *array = NULL; +- return TRUE; ++ return OK; + } + + for (cp = var; *cp != NUL; ++cp) +@@ -12832,8 +12833,8 @@ tabstop_set(char_u *var, int **array) + if (cp != end) + emsg(_(e_positive)); + else +- emsg(_(e_invarg)); +- return FALSE; ++ semsg(_(e_invarg2), cp); ++ return FAIL; + } + } + +@@ -12844,26 +12845,33 @@ tabstop_set(char_u *var, int **array) + ++valcount; + continue; + } +- emsg(_(e_invarg)); +- return FALSE; ++ semsg(_(e_invarg2), var); ++ return FAIL; + } + + *array = (int *)alloc((unsigned) ((valcount + 1) * sizeof(int))); + if (*array == NULL) +- return FALSE; ++ return FAIL; + (*array)[0] = valcount; + + t = 1; + for (cp = var; *cp != NUL;) + { +- (*array)[t++] = atoi((char *)cp); ++ int n = atoi((char *)cp); ++ ++ if (n < 0 || n > 9999) ++ { ++ semsg(_(e_invarg2), cp); ++ return FAIL; ++ } ++ (*array)[t++] = n; + while (*cp != NUL && *cp != ',') + ++cp; + if (*cp != NUL) + ++cp; + } + +- return TRUE; ++ return OK; + } + + /* +diff --git a/src/testdir/test_retab.vim b/src/testdir/test_retab.vim +index f11a32b..e7b8946 100644 +--- a/src/testdir/test_retab.vim ++++ b/src/testdir/test_retab.vim +@@ -74,4 +74,7 @@ endfunc + func Test_retab_error() + call assert_fails('retab -1', 'E487:') + call assert_fails('retab! -1', 'E487:') ++ call assert_fails('ret -1000', 'E487:') ++ call assert_fails('ret 10000', 'E475:') ++ call assert_fails('ret 80000000000000000000', 'E475:') + endfunc +diff --git a/src/version.c b/src/version.c +index 6bac28e..bd19aac 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -2580,6 +2580,7 @@ static int included_patches[] = + */ + static char *(extra_patches[]) = + { /* Add your patch description below this line */ ++ "8.2.3402", + /**/ + NULL + }; diff --git a/debian/patches/upstream/patch-8.2.3403-memory-leak-for-retab-with-invalid-argumen.patch b/debian/patches/upstream/patch-8.2.3403-memory-leak-for-retab-with-invalid-argumen.patch new file mode 100644 index 0000000..18f205c --- /dev/null +++ b/debian/patches/upstream/patch-8.2.3403-memory-leak-for-retab-with-invalid-argumen.patch @@ -0,0 +1,67 @@ +From: Bram Moolenaar <Bram@vim.org> +Date: Sat, 4 Sep 2021 21:20:41 +0200 +Subject: patch 8.2.3403: memory leak for :retab with invalid argument + +Problem: Memory leak for :retab with invalid argument. +Solution: Free the memory. Make error messages consistent. +(cherry picked from commit 2ddb89f8a94425cda1e5491efc80c1ccccb6e08e) +--- + src/ex_cmds.c | 10 ++++++++-- + src/option.c | 3 +++ + src/version.c | 1 + + 3 files changed, 12 insertions(+), 2 deletions(-) + +diff --git a/src/ex_cmds.c b/src/ex_cmds.c +index 08d71e4..3200173 100644 +--- a/src/ex_cmds.c ++++ b/src/ex_cmds.c +@@ -714,12 +714,18 @@ ex_retab(exarg_T *eap) + else + new_ts_str = vim_strnsave(new_ts_str, eap->arg - new_ts_str); + #else +- new_ts = getdigits(&(eap->arg)); +- if (new_ts < 0) ++ ptr = eap->arg; ++ new_ts = getdigits(&ptr); ++ if (new_ts < 0 && *eap->arg == '-') + { + emsg(_(e_positive)); + return; + } ++ if (new_ts < 0 || new_ts > 9999) ++ { ++ semsg(_(e_invarg2), eap->arg); ++ return; ++ } + if (new_ts == 0) + new_ts = curbuf->b_p_ts; + #endif +diff --git a/src/option.c b/src/option.c +index 3ebd443..12d903f 100644 +--- a/src/option.c ++++ b/src/option.c +@@ -12859,9 +12859,12 @@ tabstop_set(char_u *var, int **array) + { + int n = atoi((char *)cp); + ++ // Catch negative values, overflow and ridiculous big values. + if (n < 0 || n > 9999) + { + semsg(_(e_invarg2), cp); ++ vim_free(*array); ++ *array = NULL; + return FAIL; + } + (*array)[t++] = n; +diff --git a/src/version.c b/src/version.c +index bd19aac..cfe1486 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -2581,6 +2581,7 @@ static int included_patches[] = + static char *(extra_patches[]) = + { /* Add your patch description below this line */ + "8.2.3402", ++ "8.2.3403", + /**/ + NULL + }; diff --git a/debian/patches/upstream/patch-8.2.3409-reading-beyond-end-of-line-with-invalid-ut.patch b/debian/patches/upstream/patch-8.2.3409-reading-beyond-end-of-line-with-invalid-ut.patch new file mode 100644 index 0000000..0ad00be --- /dev/null +++ b/debian/patches/upstream/patch-8.2.3409-reading-beyond-end-of-line-with-invalid-ut.patch @@ -0,0 +1,58 @@ +From: Bram Moolenaar <Bram@vim.org> +Date: Tue, 7 Sep 2021 19:26:53 +0200 +Subject: patch 8.2.3409: reading beyond end of line with invalid utf-8 + character + +Problem: Reading beyond end of line with invalid utf-8 character. +Solution: Check for NUL when advancing. +(cherry picked from commit 65b605665997fad54ef39a93199e305af2fe4d7f) +--- + src/regexp_nfa.c | 3 ++- + src/testdir/test_regexp_utf8.vim | 10 ++++++++++ + src/version.c | 1 + + 3 files changed, 13 insertions(+), 1 deletion(-) + +diff --git a/src/regexp_nfa.c b/src/regexp_nfa.c +index 031a6cf..b9562c6 100644 +--- a/src/regexp_nfa.c ++++ b/src/regexp_nfa.c +@@ -5414,7 +5414,8 @@ find_match_text(colnr_T startcol, int regstart, char_u *match_text) + match = FALSE; + break; + } +- len2 += MB_CHAR2LEN(c2); ++ len2 += enc_utf8 ? utf_ptr2len(rex.line + col + len2) ++ : MB_CHAR2LEN(c2); + } + if (match + /* check that no composing char follows */ +diff --git a/src/testdir/test_regexp_utf8.vim b/src/testdir/test_regexp_utf8.vim +index 98b9e73..75485dc 100644 +--- a/src/testdir/test_regexp_utf8.vim ++++ b/src/testdir/test_regexp_utf8.vim +@@ -206,3 +206,13 @@ func Test_large_class() + call assert_equal(1, "\u3042" =~# '[\u3000-\u4000]') + set re=0 + endfunc ++ ++func Test_match_invalid_byte() ++ call writefile(0z630a.765d30aa0a.2e0a.790a.4030, 'Xinvalid') ++ new ++ source Xinvalid ++ bwipe! ++ call delete('Xinvalid') ++endfunc ++ ++" vim: shiftwidth=2 sts=2 expandtab +diff --git a/src/version.c b/src/version.c +index cfe1486..a3eca1e 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -2582,6 +2582,7 @@ static char *(extra_patches[]) = + { /* Add your patch description below this line */ + "8.2.3402", + "8.2.3403", ++ "8.2.3409", + /**/ + NULL + }; diff --git a/debian/patches/upstream/patch-8.2.3428-using-freed-memory-when-replacing.patch b/debian/patches/upstream/patch-8.2.3428-using-freed-memory-when-replacing.patch new file mode 100644 index 0000000..16832ad --- /dev/null +++ b/debian/patches/upstream/patch-8.2.3428-using-freed-memory-when-replacing.patch @@ -0,0 +1,78 @@ +From: Bram Moolenaar <Bram@vim.org> +Date: Sat, 11 Sep 2021 21:14:20 +0200 +Subject: patch 8.2.3428: using freed memory when replacing + +Problem: Using freed memory when replacing. (Dhiraj Mishra) +Solution: Get the line pointer after calling ins_copychar(). +(cherry picked from commit 35a9a00afcb20897d462a766793ff45534810dc3) +--- + src/normal.c | 10 +++++++--- + src/testdir/test_edit.vim | 14 ++++++++++++++ + src/version.c | 1 + + 3 files changed, 22 insertions(+), 3 deletions(-) + +diff --git a/src/normal.c b/src/normal.c +index 41af966..2c36c15 100644 +--- a/src/normal.c ++++ b/src/normal.c +@@ -7056,19 +7056,23 @@ nv_replace(cmdarg_T *cap) + { + /* + * Get ptr again, because u_save and/or showmatch() will have +- * released the line. At the same time we let know that the +- * line will be changed. ++ * released the line. This may also happen in ins_copychar(). ++ * At the same time we let know that the line will be changed. + */ +- ptr = ml_get_buf(curbuf, curwin->w_cursor.lnum, TRUE); + if (cap->nchar == Ctrl_E || cap->nchar == Ctrl_Y) + { + int c = ins_copychar(curwin->w_cursor.lnum + + (cap->nchar == Ctrl_Y ? -1 : 1)); ++ ++ ptr = ml_get_buf(curbuf, curwin->w_cursor.lnum, TRUE); + if (c != NUL) + ptr[curwin->w_cursor.col] = c; + } + else ++ { ++ ptr = ml_get_buf(curbuf, curwin->w_cursor.lnum, TRUE); + ptr[curwin->w_cursor.col] = cap->nchar; ++ } + if (p_sm && msg_silent == 0) + showmatch(cap->nchar); + ++curwin->w_cursor.col; +diff --git a/src/testdir/test_edit.vim b/src/testdir/test_edit.vim +index 9a60d01..2e050c2 100644 +--- a/src/testdir/test_edit.vim ++++ b/src/testdir/test_edit.vim +@@ -1436,3 +1436,17 @@ func Test_leave_insert_autocmd() + au! InsertLeave + iunmap x + endfunc ++ ++" Test for getting the character of the line below after "p" ++func Test_edit_put_CTRL_E() ++ set encoding=latin1 ++ new ++ let @" = '' ++ sil! norm orggRx ++ sil! norm pr ++ call assert_equal(['r', 'r'], getline(1, 2)) ++ bwipe! ++ set encoding=utf-8 ++endfunc ++ ++" vim: shiftwidth=2 sts=2 expandtab +diff --git a/src/version.c b/src/version.c +index a3eca1e..c4a502f 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -2583,6 +2583,7 @@ static char *(extra_patches[]) = + "8.2.3402", + "8.2.3403", + "8.2.3409", ++ "8.2.3428", + /**/ + NULL + }; |