path: root/debian/patches/CVE-2022-4141.patch
From: Markus Koschany <apo@debian.org>
Date: Sun, 11 Jun 2023 13:46:58 +0200
Subject: CVE-2022-4141

Bug-Debian: https://bugs.debian.org/1027146
Origin: https://github.com/vim/vim/commit/cc762a48d42b579fb7bdec2c614636b830342dd5
---
 src/normal.c                    | 35 ++++++++++++++++++++++++++---------
 src/proto/normal.pro            |  1 +
 src/testdir/test_substitute.vim | 20 ++++++++++++++++++++
 src/window.c                    |  4 +++-
 4 files changed, 50 insertions(+), 10 deletions(-)

diff --git a/src/normal.c b/src/normal.c
index 8f92b9c..ee2233d 100644
--- a/src/normal.c
+++ b/src/normal.c
@@ -523,13 +523,36 @@ check_text_locked(oparg_T *oap)
 {
     if (text_locked())
     {
-	clearopbeep(oap);
+	if (oap != NULL)
+	    clearopbeep(oap);
 	text_locked_msg();
 	return TRUE;
     }
     return FALSE;
 }
 
+/*
+ * If text is locked, "curbuf_lock" or "allbuf_lock" is set:
+ * Give an error message, possibly beep and return TRUE.
+ * "oap" may be NULL.
+ */
+    int
+check_text_or_curbuf_locked(oparg_T *oap)
+{
+    if (check_text_locked(oap))
+	return TRUE;
+
+#ifdef FEAT_AUTOCMD
+    if (curbuf_locked())
+    {
+	if (oap != NULL)
+	    clearop(oap);
+	return TRUE;
+    }
+#endif
+    return FALSE;
+}
+
 /*
  * Execute a command in Normal mode.
  */
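Review bot: The `#ifdef FEAT_AUTOCMD` around the `curbuf_locked()` branch of `check_text_or_curbuf_locked()` makes that half of the check conditional, while the lines this patch removes in the `getcount:` hunk (`check_text_locked(oap) || curbuf_locked()`) and in `nv_gotofile` called `curbuf_locked()` with no guard visible in their context. If `FEAT_AUTOCMD` is not defined in this tree, the helper reduces to `check_text_locked()`, so both rewritten call sites and the new guard in `src/window.c` would lose the `curbuf_lock` check and the fix would be only partly effective. Unless the macro is confirmed to be defined in every build configuration, drop the `#ifdef FEAT_AUTOCMD` / `#endif` pair so that `if (curbuf_locked())` is always compiled.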
@@ -791,8 +814,7 @@ getcount:
 	goto normal_end;
     }
 
-    if ((nv_cmds[idx].cmd_flags & NV_NCW)
-				&& (check_text_locked(oap) || curbuf_locked()))
+    if ((nv_cmds[idx].cmd_flags & NV_NCW) && check_text_or_curbuf_locked(oap))
 	/* this command is not allowed now */
 	goto normal_end;
 
@@ -6173,13 +6195,8 @@ nv_gotofile(cmdarg_T *cap)
     char_u	*ptr;
     linenr_T	lnum = -1;
 
-    if (check_text_locked(cap->oap))
+    if (check_text_or_curbuf_locked(cap->oap))
 	return;
-    if (curbuf_locked())
-    {
-	clearop(cap->oap);
-	return;
-    }
 
     ptr = grab_file_name(cap->count1, &lnum);
 
diff --git a/src/proto/normal.pro b/src/proto/normal.pro
index 55d12bb..cc81ff9 100644
--- a/src/proto/normal.pro
+++ b/src/proto/normal.pro
@@ -1,4 +1,5 @@
 /* normal.c */
+int check_text_or_curbuf_locked(oparg_T *oap);
 void init_normal_cmds(void);
 void normal_cmd(oparg_T *oap, int toplevel);
 void do_pending_operator(cmdarg_T *cap, int old_col, int gui_yank);
diff --git a/src/testdir/test_substitute.vim b/src/testdir/test_substitute.vim
index 9ab0adb..d78b036 100644
--- a/src/testdir/test_substitute.vim
+++ b/src/testdir/test_substitute.vim
@@ -565,3 +565,23 @@ func Test_sub_edit_scriptfile()
   bwipe!
 endfunc
 
+" This was editing another file from the expression.
+func Test_sub_expr_goto_other_file()
+  call writefile([''], 'Xfileone', 'D')
+  enew!
+  call setline(1, ['a', 'b', 'c', 'd',
+	\ 'Xfileone zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz'])
+
+  func g:SplitGotoFile()
+    exe "sil! norm 0\<C-W>gf"
+    return ''
+  endfunc
+
+  $
+  s/\%')/\=g:SplitGotoFile()
+
+  delfunc g:SplitGotoFile
+  bwipe!
+endfunc
+
+
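Review bot: `call writefile([''], 'Xfileone', 'D')` relies on the `D` (deferred delete) flag of `writefile()`, which this backported tree may not implement; in that case the flag is presumably ignored and `Xfileone` stays behind in the test directory. Adding `call delete('Xfileone')` after `bwipe!` cleans up either way. The test also makes no assertion and runs the command under `sil!`, so it passes whether or not the new lock check rejects the `CTRL-W gf`. It therefore only detects a crash or a sanitizer report, which is worth stating in the comment above `Test_sub_expr_goto_other_file()`.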
diff --git a/src/window.c b/src/window.c
index 7f51c1b..82ece3e 100644
--- a/src/window.c
+++ b/src/window.c
@@ -478,6 +478,8 @@ newwindow:
     case Ctrl_F:
 wingotofile:
 		CHECK_CMDWIN;
+		if (check_text_or_curbuf_locked(NULL))
+		    break;
 
 		ptr = grab_file_name(Prenum1, &lnum);
 		if (ptr != NULL)
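Review bot: The guard added under `wingotofile:` has no comment saying what it protects against or why `NULL` is passed. Going by the test added in this patch, the path can be reached from a `:s` replacement expression, so a comment such as `/* Not allowed while text or curbuf is locked, e.g. from a ":s" expression; NULL: no operator to clear. */` above `if (check_text_or_curbuf_locked(NULL))` would keep the check from being removed as redundant later. The enclosing function starts and ends outside this hunk, so whether other labels in the same switch reach `grab_file_name()` without passing this check cannot be confirmed from here.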
@@ -757,7 +759,7 @@ win_split(int size, int flags)
  * When "new_wp" is NULL: split the current window in two.
  * When "new_wp" is not NULL: insert this window at the far
  * top/left/right/bottom.
- * return FAIL for failure, OK otherwise
+ * Return FAIL for failure, OK otherwise.
  */
     int
 win_split_ins(