[SCM] Vim packaging branch, maint/lenny, updated. debian/7.1.314-3-51-g209709e

James Vega jamessan at debian.org
Sun Oct 12 06:29:08 UTC 2008


The following commit has been merged in the maint/lenny branch:
commit bc8db791cf4d542ec7294c63a9135443752e26be
Author: James Vega <jamessan at debian.org>
Date:   Thu Oct 9 01:15:17 2008 -0400

    Update filename escaping in tar plugin
    
    Signed-off-by: James Vega <jamessan at debian.org>

diff --git a/runtime/autoload/tar.vim b/runtime/autoload/tar.vim
index 35ef7fd..17ef1ca 100644
--- a/runtime/autoload/tar.vim
+++ b/runtime/autoload/tar.vim
@@ -1,7 +1,7 @@
 " tar.vim: Handles browsing tarfiles
 "            AUTOLOAD PORTION
 " Date:			Jun 12, 2008
-" Version:		16
+" Version:		19 + changes by Bram + Debian
 " Maintainer:	Charles E Campbell, Jr <NdrOchip at ScampbellPfamily.AbizM-NOSPAM>
 " License:		Vim License  (see vim's :help license)
 "
@@ -24,7 +24,7 @@ set cpo&vim
 if &cp || exists("g:loaded_tar") || v:version < 700
  finish
 endif
-let g:loaded_tar= "v16"
+let g:loaded_tar= "v19+b+Debian"
 "call Decho("loading autoload/tar.vim")
 if v:version < 701 || (v:version == 701 && !has("patch299"))
  echoerr "(autoload/tar.vim) need vim v7.1 with patchlevel 299"
@@ -130,21 +130,25 @@ fun! tar#Browse(tarfile)
   let tarfile= a:tarfile
   if has("win32") && executable("cygpath")
    " assuming cygwin
-   let tarfile=substitute(system("cygpath -u ".s:Escape(tarfile)),'\n$','','e')
+   let tarfile=substitute(system("cygpath -u ".s:Escape(tarfile,0)),'\n$','','e')
   endif
   let curlast= line("$")
   if tarfile =~# '\.\(gz\|tgz\)$'
 "   call Decho("1: exe silent r! gzip -d -c ".s:Escape(tarfile)." | ".g:tar_cmd." -".g:tar_browseoptions." - ")
-   exe "silent r! gzip -d -c -- ".s:Escape(tarfile)." | ".g:tar_cmd." -".g:tar_browseoptions." - "
+   exe "silent r! gzip -d -c -- ".s:Escape(tarfile,1)." | ".g:tar_cmd." -".g:tar_browseoptions." - "
   elseif tarfile =~# '\.lrp'
 "   call Decho("2: exe silent r! cat -- ".s:Escape(tarfile)."|gzip -d -c -|".g:tar_cmd." -".g:tar_browseoptions." - ")
-   exe "silent r! cat -- ".s:Escape(tarfile)."|gzip -d -c -|".g:tar_cmd." -".g:tar_browseoptions." - "
+   exe "silent r! cat -- ".s:Escape(tarfile,1)."|gzip -d -c -|".g:tar_cmd." -".g:tar_browseoptions." - "
   elseif tarfile =~# '\.bz2$'
 "   call Decho("3: exe silent r! bzip2 -d -c ".s:Escape(tarfile)." | ".g:tar_cmd." -".g:tar_browseoptions." - ")
-   exe "silent r! bzip2 -d -c -- ".s:Escape(tarfile)." | ".g:tar_cmd." -".g:tar_browseoptions." - "
+   exe "silent r! bzip2 -d -c -- ".s:Escape(tarfile,1)." | ".g:tar_cmd." -".g:tar_browseoptions." - "
   else
+   if tarfile =~ '^\s*-'
+    " A file name starting with a dash may be taken as an option.  Prepend ./ to avoid that.
+    let tarfile = substitute(tarfile, '-', './-', '')
+   endif
 "   call Decho("4: exe silent r! ".g:tar_cmd." -".g:tar_browseoptions." ".s:Escape(tarfile))
-   exe "silent r! ".g:tar_cmd." -".g:tar_browseoptions." ".s:Escape(tarfile)
+   exe "silent r! ".g:tar_cmd." -".g:tar_browseoptions." ".s:Escape(tarfile,1)
   endif
   if v:shell_error != 0
    redraw!
@@ -160,7 +164,7 @@ fun! tar#Browse(tarfile)
    silent %d
    let eikeep= &ei
    set ei=BufReadCmd,FileReadCmd
-   exe "r ".a:tarfile
+   exe "r ".fnameescape(a:tarfile)
    let &ei= eikeep
    1d
 "   call Dret("tar#Browse : a:tarfile<".a:tarfile.">")
@@ -183,6 +187,12 @@ fun! s:TarBrowseSelect()
   let fname= getline(".")
 "  call Decho("fname<".fname.">")
 
+  if !exists("g:tar_secure") && fname =~ '^\s*-\|\s\+-'
+   redraw!
+   echohl WarningMsg | echo '***error*** (tar#BrowseSelect) rejecting tarfile member<'.fname.'> because of embedded "-"; See :help tar-options'
+   return
+  endif
+
   " sanity check
   if fname =~ '^"'
    let &report= repkeep
@@ -195,7 +205,7 @@ fun! s:TarBrowseSelect()
   let curfile= expand("%")
   if has("win32") && executable("cygpath")
    " assuming cygwin
-   let tarfile=substitute(system("cygpath -u ".s:Escape(tarfile)),'\n$','','e')
+   let tarfile=substitute(system("cygpath -u ".s:Escape(tarfile,0)),'\n$','','e')
   endif
 
   new
@@ -220,7 +230,7 @@ fun! tar#Read(fname,mode)
   let fname   = substitute(a:fname,'tarfile:.\{-}::\(.*\)$','\1','')
   if has("win32") && executable("cygpath")
    " assuming cygwin
-   let tarfile=substitute(system("cygpath -u ".s:Escape(tarfile)),'\n$','','e')
+   let tarfile=substitute(system("cygpath -u ".s:Escape(tarfile,0)),'\n$','','e')
   endif
 "  call Decho("tarfile<".tarfile.">")
 "  call Decho("fname<".fname.">")
@@ -239,18 +249,27 @@ fun! tar#Read(fname,mode)
    endif
   endif
 
+  if exists("g:tar_secure")
+   let tar_secure= " -- "
+  else
+   let tar_secure= " "
+  endif
   if tarfile =~# '\.\(gz\|tgz\)$'
 "   call Decho("5: exe silent r! gzip -d -c -- ".s:Escape(tarfile)."| ".g:tar_cmd.' -'.g:tar_readoptions.' - '.s:Escape(fname))
-   exe "silent r! gzip -d -c -- ".s:Escape(tarfile)."| ".g:tar_cmd." -".g:tar_readoptions." - ".s:Escape(fname).decmp
+   exe "silent r! gzip -d -c -- ".s:Escape(tarfile,1)."| ".g:tar_cmd." -".g:tar_readoptions." - ".tar_secure.s:Escape(fname,1).decmp
   elseif tarfile =~# '\.lrp$'
 "   call Decho("6: exe silent r! cat ".s:Escape(tarfile)." | gzip -d -c - | ".g:tar_cmd." -".g:tar_readoptions." - ".s:Escape(fname).decmp)
-   exe "silent r! cat -- ".s:Escape(tarfile)." | gzip -d -c - | ".g:tar_cmd." -".g:tar_readoptions." - ".s:Escape(fname).decmp
+   exe "silent r! cat -- ".s:Escape(tarfile,1)." | gzip -d -c - | ".g:tar_cmd." -".g:tar_readoptions." - ".tar_secure.s:Escape(fname,1).decmp
   elseif tarfile =~# '\.bz2$'
 "   call Decho("7: exe silent r! bzip2 -d -c ".s:Escape(tarfile)."| ".g:tar_cmd." -".g:tar_readoptions." - ".s:Escape(fname).decmp)
-   exe "silent r! bzip2 -d -c -- ".s:Escape(tarfile)."| ".g:tar_cmd." -".g:tar_readoptions." - ".s:Escape(fname).decmp
+   exe "silent r! bzip2 -d -c -- ".s:Escape(tarfile,1)."| ".g:tar_cmd." -".g:tar_readoptions." - ".tar_secure.s:Escape(fname,1).decmp
   else
+   if tarfile =~ '^\s*-'
+    " A file name starting with a dash may be taken as an option.  Prepend ./ to avoid that.
+    let tarfile = substitute(tarfile, '-', './-', '')
+   endif
 "   call Decho("8: exe silent r! ".g:tar_cmd." -".g:tar_readoptions." -- ".s:Escape(tarfile)." ".s:Escape(fname))
-   exe "silent r! ".g:tar_cmd." -".g:tar_readoptions." ".s:Escape(tarfile)." -- ".s:Escape(fname).decmp
+   exe "silent r! ".g:tar_cmd." -".g:tar_readoptions." ".s:Escape(tarfile,1)." -- ".tar_secure.s:Escape(fname,1).decmp
   endif
 
   if doro
@@ -259,7 +278,7 @@ fun! tar#Read(fname,mode)
   endif
 
   let w:tarfile= a:fname
-  exe "file tarfile::".fname
+  exe "file tarfile::".fnameescape(fname)
 
   " cleanup
   0d
@@ -276,6 +295,12 @@ fun! tar#Write(fname)
   let repkeep= &report
   set report=10
 
+  if !exists("g:tar_secure") && a:fname =~ '^\s*-\|\s\+-'
+   redraw!
+   echohl WarningMsg | echo '***error*** (tar#Write) rejecting tarfile member<'.a:fname.'> because of embedded "-"; See :help tar-options'
+   return
+  endif
+
   " sanity checks
   if !executable(g:tar_cmd)
    redraw!
@@ -329,18 +354,18 @@ fun! tar#Write(fname)
 
   " handle compressed archives
   if tarfile =~# '\.gz'
-   call system("gzip -d -- ".tarfile)
+   call system("gzip -d -- ".s:Escape(tarfile,0))
    let tarfile = substitute(tarfile,'\.gz','','e')
-   let compress= "gzip ".s:Escape(tarfile)
+   let compress= "gzip -- ".s:Escape(tarfile,0)
   elseif tarfile =~# '\.tgz'
-   call system("gzip -d -- ".s:Escape(tarfile))
+   call system("gzip -d -- ".s:Escape(tarfile,0))
    let tarfile = substitute(tarfile,'\.tgz','.tar','e')
-   let compress= "gzip -- ".s:Escape(tarfile)
+   let compress= "gzip -- ".s:Escape(tarfile,0)
    let tgz     = 1
   elseif tarfile =~# '\.bz2'
-   call system("bzip2 -d -- ".s:Escape(tarfile))
+   call system("bzip2 -d -- ".s:Escape(tarfile,0))
    let tarfile = substitute(tarfile,'\.bz2','','e')
-   let compress= "bzip2 -- ".s:Escape(tarfile)
+   let compress= "bzip2 -- ".s:Escape(tarfile,0)
   endif
 "  call Decho("tarfile<".tarfile.">")
 "  call Decho("compress<".compress.">")
@@ -356,23 +381,32 @@ fun! tar#Write(fname)
    if fname =~ '/'
     let dirpath = substitute(fname,'/[^/]\+$','','e')
     if executable("cygpath")
-     let dirpath = substitute(system("cygpath ".dirpath),'\n','','e')
+     let dirpath = substitute(system("cygpath ".s:Escape(dirpath, 0)),'\n','','e')
     endif
     call mkdir(dirpath,"p")
    endif
    if tarfile !~ '/'
     let tarfile= curdir.'/'.tarfile
    endif
+   if tarfile =~ '^\s*-'
+    " A file name starting with a dash may be taken as an option.  Prepend ./ to avoid that.
+    let tarfile = substitute(tarfile, '-', './-', '')
+   endif
 "   call Decho("tarfile<".tarfile."> fname<".fname.">")
  
+   if exists("g:tar_secure")
+    let tar_secure= " -- "
+   else
+    let tar_secure= " "
+   endif
    exe "w! ".fnameescape(fname)
    if executable("cygpath")
-    let tarfile = substitute(system("cygpath ".s:Escape(tarfile)),'\n','','e')
+    let tarfile = substitute(system("cygpath ".s:Escape(tarfile,0)),'\n','','e')
    endif
  
    " delete old file from tarfile
 "   call Decho("system(tar --delete -f ".s:Escape(tarfile)." -- ".s:Escape(fname).")")
-   call system("tar --delete -f ".s:Escape(tarfile)." -- ".s:Escape(fname))
+   call system("tar --delete -f ".s:Escape(tarfile,0).tar_secure.s:Escape(fname,0))
    if v:shell_error != 0
     redraw!
     echohl Error | echo "***error*** (tar#Write) sorry, unable to update ".fnameescape(tarfile)." with ".fnameescape(fname) | echohl None
@@ -381,7 +415,7 @@ fun! tar#Write(fname)
  
     " update tarfile with new file 
 "    call Decho("tar -".g:tar_writeoptions." ".s:Escape(tarfile)." -- ".s:Escape(fname))
-    call system("tar -".g:tar_writeoptions." ".s:Escape(tarfile)." -- ".s:Escape(fname))
+    call system("tar -".g:tar_writeoptions." ".s:Escape(tarfile,0).tar_secure.s:Escape(fname,0))
     if v:shell_error != 0
      redraw!
      echohl Error | echo "***error*** (tar#Write) sorry, unable to update ".fnameescape(tarfile)." with ".fnameescape(fname) | echohl None
@@ -404,7 +438,7 @@ fun! tar#Write(fname)
     let binkeep= &binary
     let eikeep = &ei
     set binary ei=all
-    exe "e! ".tarfile
+    exe "e! ".fnameescape(tarfile)
     call netrw#NetWrite(tblfile)
     let &ei     = eikeep
     let &binary = binkeep
@@ -416,7 +450,7 @@ fun! tar#Write(fname)
   " cleanup and restore current directory
   cd ..
   call s:Rmdir("_ZIPVIM_")
-  exe "cd ".escape(curdir,' \')
+  exe "cd ".fnameescape(curdir)
   setlocal nomod
 
   let &report= repkeep
@@ -428,12 +462,12 @@ endfun
 fun! s:Rmdir(fname)
 "  call Dfunc("Rmdir(fname<".a:fname.">)")
   if has("unix")
-   call system("/bin/rm -rf -- ".s:Escape(a:fname))
+   call system("/bin/rm -rf -- ".s:Escape(a:fname,0))
   elseif has("win32") || has("win95") || has("win64") || has("win16")
    if &shell =~? "sh$"
-    call system("/bin/rm -rf -- ".s:Escape(a:fname))
+    call system("/bin/rm -rf -- ".s:Escape(a:fname,0))
    else
-    call system("del /S ".s:Escape(a:fname))
+    call system("del /S ".s:Escape(a:fname,0))
    endif
   endif
 "  call Dret("Rmdir")
@@ -441,10 +475,14 @@ endfun
 
 " ---------------------------------------------------------------------
 " s:Escape: {{{2
-fun s:Escape(name)
+fun s:Escape(name,isfilt)
   " shellescape() was added by patch 7.0.111
   if exists("*shellescape")
-   let qnameq= shellescape(a:name)
+   if a:isfilt
+    let qnameq= shellescape(a:name,1)
+   else
+    let qnameq= shellescape(a:name)
+   endif
   else
    let qnameq= g:tar_shq . a:name . g:tar_shq
   endif
diff --git a/runtime/doc/pi_tar.txt b/runtime/doc/pi_tar.txt
index 44598e5..71d549f 100644
--- a/runtime/doc/pi_tar.txt
+++ b/runtime/doc/pi_tar.txt
@@ -37,6 +37,17 @@ Copyright 2005-2008: The GPL (gnu public license) applies to	*tar-copyright*
    *g:tar_readoptions*    "OPxf"  used to extract a file from a tarball
    *g:tar_cmd*            "tar"   the name of the tar program
    *g:tar_nomax*            0     if true, file window will not be maximized
+   *g:tar_secure*         undef   if exists:
+					"--" will be used to prevent unwanted
+					option expansion in tar commands.
+					Please be sure that your tar command
+					accepts "--"; Posix compliant tar
+					utilities do accept it.
+				  if not exists:
+					The tar plugin will reject any member
+					files that begin with "-"
+				  Not all tar's support the "--" which is why
+				  it isn't default.
    *g:tar_writeoptions*   "uf"    used to update/replace a file
 
 

-- 
Vim packaging



More information about the pkg-vim-maintainers mailing list