[SCM] Vim packaging branch, maint/lenny, updated. debian/7.1.314-3-51-g209709e
James Vega
jamessan at debian.org
Sun Oct 12 06:29:08 UTC 2008
The following commit has been merged in the maint/lenny branch:
commit bc8db791cf4d542ec7294c63a9135443752e26be
Author: James Vega <jamessan at debian.org>
Date: Thu Oct 9 01:15:17 2008 -0400
Update filename escaping in tar plugin
Signed-off-by: James Vega <jamessan at debian.org>
diff --git a/runtime/autoload/tar.vim b/runtime/autoload/tar.vim
index 35ef7fd..17ef1ca 100644
--- a/runtime/autoload/tar.vim
+++ b/runtime/autoload/tar.vim
@@ -1,7 +1,7 @@
" tar.vim: Handles browsing tarfiles
" AUTOLOAD PORTION
" Date: Jun 12, 2008
-" Version: 16
+" Version: 19 + changes by Bram + Debian
" Maintainer: Charles E Campbell, Jr <NdrOchip at ScampbellPfamily.AbizM-NOSPAM>
" License: Vim License (see vim's :help license)
"
@@ -24,7 +24,7 @@ set cpo&vim
if &cp || exists("g:loaded_tar") || v:version < 700
finish
endif
-let g:loaded_tar= "v16"
+let g:loaded_tar= "v19+b+Debian"
"call Decho("loading autoload/tar.vim")
if v:version < 701 || (v:version == 701 && !has("patch299"))
echoerr "(autoload/tar.vim) need vim v7.1 with patchlevel 299"
@@ -130,21 +130,25 @@ fun! tar#Browse(tarfile)
let tarfile= a:tarfile
if has("win32") && executable("cygpath")
" assuming cygwin
- let tarfile=substitute(system("cygpath -u ".s:Escape(tarfile)),'\n$','','e')
+ let tarfile=substitute(system("cygpath -u ".s:Escape(tarfile,0)),'\n$','','e')
endif
let curlast= line("$")
if tarfile =~# '\.\(gz\|tgz\)$'
" call Decho("1: exe silent r! gzip -d -c ".s:Escape(tarfile)." | ".g:tar_cmd." -".g:tar_browseoptions." - ")
- exe "silent r! gzip -d -c -- ".s:Escape(tarfile)." | ".g:tar_cmd." -".g:tar_browseoptions." - "
+ exe "silent r! gzip -d -c -- ".s:Escape(tarfile,1)." | ".g:tar_cmd." -".g:tar_browseoptions." - "
elseif tarfile =~# '\.lrp'
" call Decho("2: exe silent r! cat -- ".s:Escape(tarfile)."|gzip -d -c -|".g:tar_cmd." -".g:tar_browseoptions." - ")
- exe "silent r! cat -- ".s:Escape(tarfile)."|gzip -d -c -|".g:tar_cmd." -".g:tar_browseoptions." - "
+ exe "silent r! cat -- ".s:Escape(tarfile,1)."|gzip -d -c -|".g:tar_cmd." -".g:tar_browseoptions." - "
elseif tarfile =~# '\.bz2$'
" call Decho("3: exe silent r! bzip2 -d -c ".s:Escape(tarfile)." | ".g:tar_cmd." -".g:tar_browseoptions." - ")
- exe "silent r! bzip2 -d -c -- ".s:Escape(tarfile)." | ".g:tar_cmd." -".g:tar_browseoptions." - "
+ exe "silent r! bzip2 -d -c -- ".s:Escape(tarfile,1)." | ".g:tar_cmd." -".g:tar_browseoptions." - "
else
+ if tarfile =~ '^\s*-'
+ " A file name starting with a dash may be taken as an option. Prepend ./ to avoid that.
+ let tarfile = substitute(tarfile, '-', './-', '')
+ endif
" call Decho("4: exe silent r! ".g:tar_cmd." -".g:tar_browseoptions." ".s:Escape(tarfile))
- exe "silent r! ".g:tar_cmd." -".g:tar_browseoptions." ".s:Escape(tarfile)
+ exe "silent r! ".g:tar_cmd." -".g:tar_browseoptions." ".s:Escape(tarfile,1)
endif
if v:shell_error != 0
redraw!
@@ -160,7 +164,7 @@ fun! tar#Browse(tarfile)
silent %d
let eikeep= &ei
set ei=BufReadCmd,FileReadCmd
- exe "r ".a:tarfile
+ exe "r ".fnameescape(a:tarfile)
let &ei= eikeep
1d
" call Dret("tar#Browse : a:tarfile<".a:tarfile.">")
@@ -183,6 +187,12 @@ fun! s:TarBrowseSelect()
let fname= getline(".")
" call Decho("fname<".fname.">")
+ if !exists("g:tar_secure") && fname =~ '^\s*-\|\s\+-'
+ redraw!
+ echohl WarningMsg | echo '***error*** (tar#BrowseSelect) rejecting tarfile member<'.fname.'> because of embedded "-"; See :help tar-options'
+ return
+ endif
+
" sanity check
if fname =~ '^"'
let &report= repkeep
@@ -195,7 +205,7 @@ fun! s:TarBrowseSelect()
let curfile= expand("%")
if has("win32") && executable("cygpath")
" assuming cygwin
- let tarfile=substitute(system("cygpath -u ".s:Escape(tarfile)),'\n$','','e')
+ let tarfile=substitute(system("cygpath -u ".s:Escape(tarfile,0)),'\n$','','e')
endif
new
@@ -220,7 +230,7 @@ fun! tar#Read(fname,mode)
let fname = substitute(a:fname,'tarfile:.\{-}::\(.*\)$','\1','')
if has("win32") && executable("cygpath")
" assuming cygwin
- let tarfile=substitute(system("cygpath -u ".s:Escape(tarfile)),'\n$','','e')
+ let tarfile=substitute(system("cygpath -u ".s:Escape(tarfile,0)),'\n$','','e')
endif
" call Decho("tarfile<".tarfile.">")
" call Decho("fname<".fname.">")
@@ -239,18 +249,27 @@ fun! tar#Read(fname,mode)
endif
endif
+ if exists("g:tar_secure")
+ let tar_secure= " -- "
+ else
+ let tar_secure= " "
+ endif
if tarfile =~# '\.\(gz\|tgz\)$'
" call Decho("5: exe silent r! gzip -d -c -- ".s:Escape(tarfile)."| ".g:tar_cmd.' -'.g:tar_readoptions.' - '.s:Escape(fname))
- exe "silent r! gzip -d -c -- ".s:Escape(tarfile)."| ".g:tar_cmd." -".g:tar_readoptions." - ".s:Escape(fname).decmp
+ exe "silent r! gzip -d -c -- ".s:Escape(tarfile,1)."| ".g:tar_cmd." -".g:tar_readoptions." - ".tar_secure.s:Escape(fname,1).decmp
elseif tarfile =~# '\.lrp$'
" call Decho("6: exe silent r! cat ".s:Escape(tarfile)." | gzip -d -c - | ".g:tar_cmd." -".g:tar_readoptions." - ".s:Escape(fname).decmp)
- exe "silent r! cat -- ".s:Escape(tarfile)." | gzip -d -c - | ".g:tar_cmd." -".g:tar_readoptions." - ".s:Escape(fname).decmp
+ exe "silent r! cat -- ".s:Escape(tarfile,1)." | gzip -d -c - | ".g:tar_cmd." -".g:tar_readoptions." - ".tar_secure.s:Escape(fname,1).decmp
elseif tarfile =~# '\.bz2$'
" call Decho("7: exe silent r! bzip2 -d -c ".s:Escape(tarfile)."| ".g:tar_cmd." -".g:tar_readoptions." - ".s:Escape(fname).decmp)
- exe "silent r! bzip2 -d -c -- ".s:Escape(tarfile)."| ".g:tar_cmd." -".g:tar_readoptions." - ".s:Escape(fname).decmp
+ exe "silent r! bzip2 -d -c -- ".s:Escape(tarfile,1)."| ".g:tar_cmd." -".g:tar_readoptions." - ".tar_secure.s:Escape(fname,1).decmp
else
+ if tarfile =~ '^\s*-'
+ " A file name starting with a dash may be taken as an option. Prepend ./ to avoid that.
+ let tarfile = substitute(tarfile, '-', './-', '')
+ endif
" call Decho("8: exe silent r! ".g:tar_cmd." -".g:tar_readoptions." -- ".s:Escape(tarfile)." ".s:Escape(fname))
- exe "silent r! ".g:tar_cmd." -".g:tar_readoptions." ".s:Escape(tarfile)." -- ".s:Escape(fname).decmp
+ exe "silent r! ".g:tar_cmd." -".g:tar_readoptions." ".s:Escape(tarfile,1)." -- ".tar_secure.s:Escape(fname,1).decmp
endif
if doro
@@ -259,7 +278,7 @@ fun! tar#Read(fname,mode)
endif
let w:tarfile= a:fname
- exe "file tarfile::".fname
+ exe "file tarfile::".fnameescape(fname)
" cleanup
0d
@@ -276,6 +295,12 @@ fun! tar#Write(fname)
let repkeep= &report
set report=10
+ if !exists("g:tar_secure") && a:fname =~ '^\s*-\|\s\+-'
+ redraw!
+ echohl WarningMsg | echo '***error*** (tar#Write) rejecting tarfile member<'.a:fname.'> because of embedded "-"; See :help tar-options'
+ return
+ endif
+
" sanity checks
if !executable(g:tar_cmd)
redraw!
@@ -329,18 +354,18 @@ fun! tar#Write(fname)
" handle compressed archives
if tarfile =~# '\.gz'
- call system("gzip -d -- ".tarfile)
+ call system("gzip -d -- ".s:Escape(tarfile,0))
let tarfile = substitute(tarfile,'\.gz','','e')
- let compress= "gzip ".s:Escape(tarfile)
+ let compress= "gzip -- ".s:Escape(tarfile,0)
elseif tarfile =~# '\.tgz'
- call system("gzip -d -- ".s:Escape(tarfile))
+ call system("gzip -d -- ".s:Escape(tarfile,0))
let tarfile = substitute(tarfile,'\.tgz','.tar','e')
- let compress= "gzip -- ".s:Escape(tarfile)
+ let compress= "gzip -- ".s:Escape(tarfile,0)
let tgz = 1
elseif tarfile =~# '\.bz2'
- call system("bzip2 -d -- ".s:Escape(tarfile))
+ call system("bzip2 -d -- ".s:Escape(tarfile,0))
let tarfile = substitute(tarfile,'\.bz2','','e')
- let compress= "bzip2 -- ".s:Escape(tarfile)
+ let compress= "bzip2 -- ".s:Escape(tarfile,0)
endif
" call Decho("tarfile<".tarfile.">")
" call Decho("compress<".compress.">")
@@ -356,23 +381,32 @@ fun! tar#Write(fname)
if fname =~ '/'
let dirpath = substitute(fname,'/[^/]\+$','','e')
if executable("cygpath")
- let dirpath = substitute(system("cygpath ".dirpath),'\n','','e')
+ let dirpath = substitute(system("cygpath ".s:Escape(dirpath, 0)),'\n','','e')
endif
call mkdir(dirpath,"p")
endif
if tarfile !~ '/'
let tarfile= curdir.'/'.tarfile
endif
+ if tarfile =~ '^\s*-'
+ " A file name starting with a dash may be taken as an option. Prepend ./ to avoid that.
+ let tarfile = substitute(tarfile, '-', './-', '')
+ endif
" call Decho("tarfile<".tarfile."> fname<".fname.">")
+ if exists("g:tar_secure")
+ let tar_secure= " -- "
+ else
+ let tar_secure= " "
+ endif
exe "w! ".fnameescape(fname)
if executable("cygpath")
- let tarfile = substitute(system("cygpath ".s:Escape(tarfile)),'\n','','e')
+ let tarfile = substitute(system("cygpath ".s:Escape(tarfile,0)),'\n','','e')
endif
" delete old file from tarfile
" call Decho("system(tar --delete -f ".s:Escape(tarfile)." -- ".s:Escape(fname).")")
- call system("tar --delete -f ".s:Escape(tarfile)." -- ".s:Escape(fname))
+ call system("tar --delete -f ".s:Escape(tarfile,0).tar_secure.s:Escape(fname,0))
if v:shell_error != 0
redraw!
echohl Error | echo "***error*** (tar#Write) sorry, unable to update ".fnameescape(tarfile)." with ".fnameescape(fname) | echohl None
@@ -381,7 +415,7 @@ fun! tar#Write(fname)
" update tarfile with new file
" call Decho("tar -".g:tar_writeoptions." ".s:Escape(tarfile)." -- ".s:Escape(fname))
- call system("tar -".g:tar_writeoptions." ".s:Escape(tarfile)." -- ".s:Escape(fname))
+ call system("tar -".g:tar_writeoptions." ".s:Escape(tarfile,0).tar_secure.s:Escape(fname,0))
if v:shell_error != 0
redraw!
echohl Error | echo "***error*** (tar#Write) sorry, unable to update ".fnameescape(tarfile)." with ".fnameescape(fname) | echohl None
@@ -404,7 +438,7 @@ fun! tar#Write(fname)
let binkeep= &binary
let eikeep = &ei
set binary ei=all
- exe "e! ".tarfile
+ exe "e! ".fnameescape(tarfile)
call netrw#NetWrite(tblfile)
let &ei = eikeep
let &binary = binkeep
@@ -416,7 +450,7 @@ fun! tar#Write(fname)
" cleanup and restore current directory
cd ..
call s:Rmdir("_ZIPVIM_")
- exe "cd ".escape(curdir,' \')
+ exe "cd ".fnameescape(curdir)
setlocal nomod
let &report= repkeep
@@ -428,12 +462,12 @@ endfun
fun! s:Rmdir(fname)
" call Dfunc("Rmdir(fname<".a:fname.">)")
if has("unix")
- call system("/bin/rm -rf -- ".s:Escape(a:fname))
+ call system("/bin/rm -rf -- ".s:Escape(a:fname,0))
elseif has("win32") || has("win95") || has("win64") || has("win16")
if &shell =~? "sh$"
- call system("/bin/rm -rf -- ".s:Escape(a:fname))
+ call system("/bin/rm -rf -- ".s:Escape(a:fname,0))
else
- call system("del /S ".s:Escape(a:fname))
+ call system("del /S ".s:Escape(a:fname,0))
endif
endif
" call Dret("Rmdir")
@@ -441,10 +475,14 @@ endfun
" ---------------------------------------------------------------------
" s:Escape: {{{2
-fun s:Escape(name)
+fun s:Escape(name,isfilt)
" shellescape() was added by patch 7.0.111
if exists("*shellescape")
- let qnameq= shellescape(a:name)
+ if a:isfilt
+ let qnameq= shellescape(a:name,1)
+ else
+ let qnameq= shellescape(a:name)
+ endif
else
let qnameq= g:tar_shq . a:name . g:tar_shq
endif
diff --git a/runtime/doc/pi_tar.txt b/runtime/doc/pi_tar.txt
index 44598e5..71d549f 100644
--- a/runtime/doc/pi_tar.txt
+++ b/runtime/doc/pi_tar.txt
@@ -37,6 +37,17 @@ Copyright 2005-2008: The GPL (gnu public license) applies to *tar-copyright*
*g:tar_readoptions* "OPxf" used to extract a file from a tarball
*g:tar_cmd* "tar" the name of the tar program
*g:tar_nomax* 0 if true, file window will not be maximized
+ *g:tar_secure* undef if exists:
+ "--" will be used to prevent unwanted
+ option expansion in tar commands.
+ Please be sure that your tar command
+ accepts "--"; Posix compliant tar
+ utilities do accept it.
+ if not exists:
+ The tar plugin will reject any member
+ files that begin with "-"
+ Not all tar's support the "--" which is why
+ it isn't default.
*g:tar_writeoptions* "uf" used to update/replace a file
--
Vim packaging
More information about the pkg-vim-maintainers
mailing list