[SCM] Vim packaging branch, maint/etch, updated. 4cbe8d79068a51948a85acf10840cb751e812c72
James Vega
jamessan at debian.org
Tue Feb 17 21:20:27 UTC 2009
The following commit has been merged in the maint/etch branch:
commit 69415dcf0e442a8ab1544fd60cce2ea5ac5660c0
Author: James Vega <jamessan at debian.org>
Date: Mon Feb 16 02:52:01 2009 -0500
Add patch CVE-2008-2712-netrw.vim.diff to fix autoload/netrw.vim.
Signed-off-by: James Vega <jamessan at debian.org>
diff --git a/debian/changelog b/debian/changelog
index 03b33d6..49dda12 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,13 +1,14 @@
vim (1:7.0-122+1etch4) UNRELEASED; urgency=high
* Backport upstream patches and runtime fixes for filename escaping
- vulnerabilities. (Closes: #486502, CVE 2008-2712, CVE 2008-3074,
- CVE 2008-4104)
+ vulnerabilities. (Closes: #486502, #506919, CVE 2008-2712, CVE 2008-3074,
+ CVE 2008-3076, CVE 2008-4104)
- Backport patches 7.1.299, 7.1.300, 7.1.305, 7.2a.013, 7.2b.005,
7.2b.018, 7.2c.002, 7.2010, 7.2026.
- Add patch CVE-2008-2712-xpm.vim.diff to fix syntax/xpm.vim and
syntax/xpm2.vim.
- Add patch CVE-2008-2712-zip.vim.diff to fix autoload/zip.vim.
+ - Add patch CVE-2008-2712-netrw.vim.diff to fix autoload/netrw.vim.
- Add patch CVE-2008-3074-tar.vim.diff to fix autoload/tar.vim.
-- James Vega <jamessan at debian.org> Tue, 03 Feb 2009 22:19:11 -0500
diff --git a/patches/CVE-2008-2712-netrw.vim.diff b/patches/CVE-2008-2712-netrw.vim.diff
new file mode 100644
index 0000000..30e8264
--- /dev/null
+++ b/patches/CVE-2008-2712-netrw.vim.diff
@@ -0,0 +1,616 @@
+Index: vim/runtime/autoload/netrw.vim
+===================================================================
+--- vim/runtime/autoload/netrw.vim.orig
++++ vim/runtime/autoload/netrw.vim
+@@ -1,7 +1,7 @@
+ " netrw.vim: Handles file transfer and remote directory listing across a network
+ " AUTOLOAD PORTION
+ " Date: May 02, 2006
+-" Version: 98
++" Version: 98+debian
+ " Maintainer: Charles E Campbell, Jr <drchipNOSPAM at campbellfamily dot biz>
+ " GetLatestVimScripts: 1075 1 :AutoInstall: netrw.vim
+ " Copyright: Copyright (C) 1999-2005 Charles E. Campbell, Jr. {{{1
+@@ -23,11 +23,15 @@
+ if &cp || exists("g:loaded_netrw")
+ finish
+ endif
+-let g:loaded_netrw = "v98"
++let g:loaded_netrw = "v98+debian"
+ if v:version < 700
+ echohl WarningMsg | echo "***netrw*** you need vim version 7.0 or later for version ".g:loaded_netrw." of netrw" | echohl None
+ finish
+ endif
++if !exists('*shellescape') || !exists('*fnameescape')
++ echohl WarningMsg | echo '***netrw*** you need a version of Vim with the fnameescape and shellescape functions' | echonl None
++ finish
++endif
+ let s:keepcpo= &cpo
+ set cpo&vim
+ " call Decho("doing autoload/netrw.vim")
+@@ -323,7 +327,7 @@
+ " get name of a temporary file and set up shell-quoting character {{{3
+ let tmpfile= tempname()
+ " call Decho("tmpfile<".tmpfile.">")
+- let tmpfile= escape(substitute(tmpfile,'\','/','ge'),g:netrw_tmpfile_escape)
++ let tmpfile= substitute(tmpfile,'\','/','ge')
+ " call Decho("tmpfile<".tmpfile.">")
+ if !isdirectory(substitute(tmpfile,'[^/]\+$','','e'))
+ echohl Error | echo "***netrw*** your <".substitute(tmpfile,'[^/]\+$','','e')."> directory is missing!" | echohl None
+@@ -399,7 +403,7 @@
+ " call Decho("fixing up windows url to <".choice."> tmpfile<".tmpfile)
+
+ if !g:netrw_keepdir
+- exe 'lcd ' . fnamemodify(tmpfile,':h')
++ exe 'lcd ' . fnameescape(fnamemodify(tmpfile,':h'))
+ endif
+ let tmpfile = fnamemodify(tmpfile,':t')
+ endif
+@@ -453,7 +457,7 @@
+ endif
+ endif
+ " call Decho("executing: !".g:netrw_rcp_cmd." ".s:netrw_rcpmode." ".uid_machine.":".escape(b:netrw_fname,' ?&;')." ".tmpfile)
+- exe g:netrw_silentxfer."!".g:netrw_rcp_cmd." ".s:netrw_rcpmode." ".uid_machine.":".escape(b:netrw_fname,' ?&;')." ".tmpfile
++ exe g:netrw_silentxfer."!".g:netrw_rcp_cmd." ".s:netrw_rcpmode." ".shellescape(uid_machine.":".b:netrw_fname,1)." ".shellescape(tmpfile,1)
+ let result = s:NetGetFile(readcmd, tmpfile, b:netrw_method)
+ let b:netrw_lastfile = choice
+
+@@ -464,16 +468,16 @@
+ let netrw_fname= b:netrw_fname
+ new
+ setlocal ff=unix
+- exe "put ='".g:netrw_ftpmode."'"
++ put =g:netrw_ftpmode
+ " call Decho("filter input: ".getline("."))
+- exe "put ='".'get \"'.netrw_fname.'\" '.tmpfile."'"
++ call setline(line('$')+1,'get "'.netrw_fname.'" '.tmpfile)
+ " call Decho("filter input: ".getline("."))
+ if exists("g:netrw_port") && g:netrw_port != ""
+ " call Decho("executing: %!".g:netrw_ftp_cmd." -i ".g:netrw_machine." ".g:netrw_port)
+- exe g:netrw_silentxfer."%!".g:netrw_ftp_cmd." -i ".g:netrw_machine." ".g:netrw_port
++ exe g:netrw_silentxfer."%!".g:netrw_ftp_cmd." -i ".shellescape(g:netrw_machine." ".g:netrw_port,1)
+ else
+ " call Decho("executing: %!".g:netrw_ftp_cmd." -i ".g:netrw_machine)
+- exe g:netrw_silentxfer."%!".g:netrw_ftp_cmd." -i ".g:netrw_machine
++ exe g:netrw_silentxfer."%!".g:netrw_ftp_cmd." -i ".shellescape(g:netrw_machine,1)
+ endif
+ " If the result of the ftp operation isn't blank, show an error message (tnx to Doug Claar)
+ if getline(1) !~ "^$" && !exists("g:netrw_quiet") && getline(1) !~ '^Trying '
+@@ -551,10 +555,10 @@
+ if g:netrw_cygwin == 1
+ let cygtmpfile=substitute(tmpfile,'^\(\a\):','/cygdrive/\1/','e')
+ " call Decho("executing: !".g:netrw_scp_cmd.useport." '".g:netrw_machine.":".escape(b:netrw_fname,g:netrw_fname_escape)."' ".cygtmpfile)
+- exe g:netrw_silentxfer."!".g:netrw_scp_cmd.useport." '".g:netrw_machine.":".escape(b:netrw_fname,g:netrw_fname_escape)."' ".cygtmpfile
++ exe g:netrw_silentxfer."!".g:netrw_scp_cmd.useport." ".shellescape(g:netrw_machine.":".b:netrw_fname,1)." ".shellescape(cygtmpfile,1)
+ else
+ " call Decho("executing: !".g:netrw_scp_cmd.useport." '".g:netrw_machine.":".escape(b:netrw_fname,g:netrw_fname_escape)."' ".tmpfile)
+- exe g:netrw_silentxfer."!".g:netrw_scp_cmd.useport." '".g:netrw_machine.":".escape(b:netrw_fname,g:netrw_fname_escape)."' ".tmpfile
++ exe g:netrw_silentxfer."!".g:netrw_scp_cmd.useport." ".shellescape(g:netrw_machine.":".b:netrw_fname,1)." ".shellescape(tmpfile,1)
+ endif
+ let result = s:NetGetFile(readcmd, tmpfile, b:netrw_method)
+ let b:netrw_lastfile = choice
+@@ -574,9 +578,8 @@
+
+ if match(b:netrw_fname,"#") == -1
+ " simple wget
+- let netrw_fname= escape(b:netrw_fname,g:netrw_fname_escape)
+ " call Decho("executing: !".g:netrw_http_cmd." ".tmpfile." http://".g:netrw_machine.netrw_fname)
+- exe g:netrw_silentxfer."!".g:netrw_http_cmd." ".tmpfile." http://".g:netrw_machine.netrw_fname
++ exe g:netrw_silentxfer."!".g:netrw_http_cmd." ".shellescape(tmpfile,1)." ".shellescape("http://".g:netrw_machine.b:netrw_fname,1)
+ let result = s:NetGetFile(readcmd, tmpfile, b:netrw_method)
+
+ else
+@@ -586,7 +589,7 @@
+ " call Decho("netrw_html<".netrw_html.">")
+ " call Decho("netrw_tag <".netrw_tag.">")
+ " call Decho("executing: !".g:netrw_http_cmd." ".tmpfile." http://".g:netrw_machine.netrw_html)
+- exe g:netrw_silentxfer."!".g:netrw_http_cmd." ".tmpfile." http://".g:netrw_machine.netrw_html
++ exe g:netrw_silentxfer."!".g:netrw_http_cmd." ".shellescape(tmpfile,1)." ".shellescape("http://".g:netrw_machine.netrw_html,1)
+ let result = s:NetGetFile(readcmd, tmpfile, b:netrw_method)
+ " call Decho('<\s*a\s*name=\s*"'.netrw_tag.'"/')
+ exe 'norm! 1G/<\s*a\s*name=\s*"'.netrw_tag.'"/'."\<CR>"
+@@ -629,14 +632,13 @@
+ " rsync: NetRead Method #7 {{{3
+ elseif b:netrw_method == 7
+ " call Decho("read via rsync (method #7)")
+- let netrw_fname= escape(b:netrw_fname,g:netrw_fname_escape)
+ if g:netrw_cygwin == 1
+ let cygtmpfile=substitute(tmpfile,'^\(\a\):','/cygdrive/\1/','e')
+ " call Decho("executing: !".g:netrw_rsync_cmd." ".g:netrw_machine.":".netrw_fname." ".cygtmpfile)
+- exe g:netrw_silentxfer."!".g:netrw_rsync_cmd." ".g:netrw_machine.":".netrw_fname." ".cygtmpfile
++ exe g:netrw_silentxfer."!".g:netrw_rsync_cmd." ".shellescape(g:netrw_machine.":".b:netrw_fname,1)." ".shellescape(cygtmpfile,1)
+ else
+ " call Decho("executing: !".g:netrw_rsync_cmd." ".g:netrw_machine.":".netrw_fname." ".tmpfile)
+- exe g:netrw_silentxfer."!".g:netrw_rsync_cmd." ".g:netrw_machine.":".netrw_fname." ".tmpfile
++ exe g:netrw_silentxfer."!".g:netrw_rsync_cmd." ".shellescape(g:netrw_machine.":".b:netrw_fname,1)." ".shellescape(tmpfile,1)
+ endif
+ let result = s:NetGetFile(readcmd,tmpfile, b:netrw_method)
+ let b:netrw_lastfile = choice
+@@ -645,7 +647,6 @@
+ " fetch: NetRead Method #8 {{{3
+ " fetch://[user@]host[:http]/path
+ elseif b:netrw_method == 8
+- let netrw_fname= escape(b:netrw_fname,g:netrw_fname_escape)
+ if g:netrw_fetch_cmd == ""
+ if !exists("g:netrw_quiet")
+ echohl Error | echo "***netrw*** fetch command not available" | echohl None
+@@ -662,10 +663,10 @@
+
+ if exists("g:netrw_uid") && g:netrw_uid != "" && exists("g:netrw_passwd") && g:netrw_passwd != ""
+ " call Decho("executing: !".g:netrw_fetch_cmd." ".tmpfile." ".netrw_option."://".g:netrw_uid.':'.g:netrw_passwd.'@'.g:netrw_machine."/".netrw_fname)
+- exe g:netrw_silentxfer."!".g:netrw_fetch_cmd." ".tmpfile." ".netrw_option."://".g:netrw_uid.':'.g:netrw_passwd.'@'.g:netrw_machine."/".netrw_fname
++ exe g:netrw_silentxfer."!".g:netrw_fetch_cmd." ".shellescape(tmpfile,1)." ".shellescape(netrw_option."://".g:netrw_uid.':'.g:netrw_passwd.'@'.g:netrw_machine."/".b:netrw_fname,1)
+ else
+ " call Decho("executing: !".g:netrw_fetch_cmd." ".tmpfile." ".netrw_option."://".g:netrw_machine."/".netrw_fname)
+- exe g:netrw_silentxfer."!".g:netrw_fetch_cmd." ".tmpfile." ".netrw_option."://".g:netrw_machine."/".netrw_fname
++ exe g:netrw_silentxfer."!".g:netrw_fetch_cmd." ".shellescape(tmpfile,1)." ".shellescape(netrw_option."://".g:netrw_machine."/".b:netrw_fname,1)
+ endif
+
+ let result = s:NetGetFile(readcmd,tmpfile, b:netrw_method)
+@@ -675,15 +676,14 @@
+ " sftp: NetRead Method #9 {{{3
+ elseif b:netrw_method == 9
+ " call Decho("read via sftp (method #4)")
+- let netrw_fname= escape(b:netrw_fname,g:netrw_fname_escape)
+ if g:netrw_cygwin == 1
+ let cygtmpfile=substitute(tmpfile,'^\(\a\):','/cygdrive/\1/','e')
+ " call Decho("!".g:netrw_sftp_cmd." ".g:netrw_machine.":".netrw_fname." ".cygtmpfile)
+ " call Decho("executing: !".g:netrw_sftp_cmd." ".g:netrw_machine.":".netrw_fname." ".cygtmpfile)
+- exe "!".g:netrw_sftp_cmd." ".g:netrw_machine.":".netrw_fname." ".cygtmpfile
++ exe "!".g:netrw_sftp_cmd." ".shellescape(g:netrw_machine.":".netrw_fname,1)." ".shellescape(cygtmpfile,1)
+ else
+ " call Decho("executing: !".g:netrw_sftp_cmd." ".g:netrw_machine.":".netrw_fname." ".tmpfile)
+- exe g:netrw_silentxfer."!".g:netrw_sftp_cmd." ".g:netrw_machine.":".netrw_fname." ".tmpfile
++ exe g:netrw_silentxfer."!".g:netrw_sftp_cmd." ".shellescape(g:netrw_machine.":".netrw_fname,1)." ".shellescape(tmpfile,1)
+ endif
+ let result = s:NetGetFile(readcmd, tmpfile, b:netrw_method)
+ let b:netrw_lastfile = choice
+@@ -743,7 +743,7 @@
+ " call Dredir("ls!","starting buffer list")
+
+ " rename the current buffer to the temp file (ie. tfile)
+- keepalt exe "file ".tfile
++ keepalt exe "file ".fnameescape(tfile)
+ " call Dredir("ls!","after renaming current buffer to <".tfile.">")
+
+ " edit temporary file (ie. read the temporary file in)
+@@ -757,7 +757,7 @@
+ endif
+
+ " rename buffer back to remote filename
+- keepalt exe "file ".escape(rfile,' ')
++ keepalt exe "file ".fnameescape(rfile)
+ filetype detect
+ " call Dredir("ls!","renamed buffer back to remote filename<".rfile."> : expand(%)<".expand("%").">")
+ let line1 = 1
+@@ -768,7 +768,7 @@
+ let curline = line(".")
+ let lastline= line("$")
+ " call Decho("exe<".a:readcmd." ".v:cmdarg." ".tfile."> line#".curline)
+- exe a:readcmd." ".v:cmdarg." ".tfile
++ exe a:readcmd." ".fnameescape(v:cmdarg)." ".fnameescape(tfile)
+ let line1= curline + 1
+ let line2= line("$") - lastline + 1
+
+@@ -812,7 +812,7 @@
+ " Get Temporary Filename {{{3
+ let tmpfile= tempname()
+ " call Decho("tmpfile<".tmpfile."> (raw)")
+- let tmpfile= escape(substitute(tmpfile,'\','/','ge'),g:netrw_tmpfile_escape)
++ let tmpfile= substitute(tmpfile,'\','/','ge')
+ " call Decho("tmpfile<".tmpfile."> (escaped)")
+ if !isdirectory(substitute(tmpfile,'[^/]\+$','','e'))
+ echohl Error | echo "***netrw*** your <".substitute(tmpfile,'[^/]\+$','','e')."> directory is missing!"
+@@ -831,11 +831,11 @@
+ " for binary writes, write entire file. Line numbers don't really make sense.
+ " Supports the writing of tar and zip files.
+ " call Decho("silent exe w! ".v:cmdarg." ".tmpfile)
+- silent exe "w! ".v:cmdarg." ".tmpfile
++ silent exe "w! ".fnameescape(v:cmdarg)." ".fnameescape(tmpfile)
+ else
+ " write (selected portion of) file to temporary
+ " call Decho("silent exe ".a:firstline."," . a:lastline . "w! ".v:cmdarg." ".tmpfile)
+- silent exe a:firstline."," . a:lastline . "w! ".v:cmdarg." ".tmpfile
++ silent exe a:firstline."," . a:lastline . "w! ".fnameescape(v:cmdarg)." ".fnameescape(tmpfile)
+ endif
+
+ while ichoice <= a:0
+@@ -897,7 +897,7 @@
+ if has("win32") || has("win95") || has("win64") || has("win16")
+ let choice= substitute(choice,'\\','/','ge')
+ if !g:netrw_keepdir
+- exe 'lcd ' . fnamemodify(tmpfile,':h')
++ exe 'lcd ' . fnameescape(fnamemodify(tmpfile,':h'))
+ endif
+ let tmpfile = fnamemodify(tmpfile,':t')
+ endif
+@@ -929,9 +929,8 @@
+ let uid_machine = g:netrw_machine
+ endif
+ endif
+- let netrw_fname= escape(b:netrw_fname,g:netrw_fname_escape)
+ " call Decho("executing: !".g:netrw_rcp_cmd." ".s:netrw_rcpmode." ".tmpfile." ".uid_machine.":".netrw_fname)
+- exe g:netrw_silentxfer."!".g:netrw_rcp_cmd." ".s:netrw_rcpmode." ".tmpfile." ".uid_machine.":".netrw_fname
++ exe g:netrw_silentxfer."!".g:netrw_rcp_cmd." ".s:netrw_rcpmode." ".shellescape(tmpfile,1)." ".shellescape(uid_machine.":".b:netrw_fname,1)
+ let b:netrw_lastfile = choice
+
+ ".........................................
+@@ -940,16 +939,16 @@
+ let netrw_fname= b:netrw_fname
+ new
+ setlocal ff=unix
+- exe "put ='".g:netrw_ftpmode."'"
++ put =g:netrw_ftpmode
+ " call Decho(" filter input: ".getline("."))
+- exe "put ='"."put ".tmpfile.' \"'.netrw_fname.'\"'."'"
++ call setline(line('$')+1,'put "'.tmpfile.'" "'.netrw_fname.'"')
+ " call Decho(" filter input: ".getline("."))
+ if exists("g:netrw_port") && g:netrw_port != ""
+ " call Decho("executing: %!".g:netrw_ftp_cmd." -i ".g:netrw_machine." ".g:netrw_port)
+- exe g:netrw_silentxfer."%!".g:netrw_ftp_cmd." -i ".g:netrw_machine." ".g:netrw_port
++ exe g:netrw_silentxfer."%!".g:netrw_ftp_cmd." -i ".shellescape(g:netrw_machine,1)." ".shellescape(g:netrw_port,1)
+ else
+ " call Decho("executing: %!".g:netrw_ftp_cmd." -i ".g:netrw_machine)
+- exe g:netrw_silentxfer."%!".g:netrw_ftp_cmd." -i ".g:netrw_machine
++ exe g:netrw_silentxfer."%!".g:netrw_ftp_cmd." -i ".shellescape(g:netrw_machine,1)
+ endif
+ " If the result of the ftp operation isn't blank, show an error message (tnx to Doug Claar)
+ if getline(1) !~ "^$"
+@@ -1009,7 +1008,6 @@
+ ".........................................
+ " scp: NetWrite Method #4 {{{3
+ elseif b:netrw_method == 4
+- let netrw_fname= escape(b:netrw_fname,g:netrw_fname_escape)
+ if exists("g:netrw_port") && g:netrw_port != ""
+ let useport= " -P ".g:netrw_port
+ else
+@@ -1018,10 +1016,10 @@
+ if g:netrw_cygwin == 1
+ let cygtmpfile=substitute(tmpfile,'^\(\a\):','/cygdrive/\1/','e')
+ " call Decho("executing: !".g:netrw_scp_cmd.useport." ".cygtmpfile." '".g:netrw_machine.":".netrw_fname."'")
+- exe g:netrw_silentxfer."!".g:netrw_scp_cmd.useport." ".cygtmpfile." '".g:netrw_machine.":".netrw_fname."'"
++ exe g:netrw_silentxfer."!".g:netrw_scp_cmd.useport." ".shellescape(cygtmpfile,1)." ".shellescape(g:netrw_machine.":".b:netrw_fname,1)
+ else
+ " call Decho("executing: !".g:netrw_scp_cmd.useport." ".tmpfile." '".g:netrw_machine.":".netrw_fname."'")
+- exe g:netrw_silentxfer."!".g:netrw_scp_cmd.useport." ".tmpfile." '".g:netrw_machine.":".netrw_fname."'"
++ exe g:netrw_silentxfer."!".g:netrw_scp_cmd.useport." ".shellescape(tmpfile,1)." ".shellescape(g:netrw_machine.":".b:netrw_fname,1)
+ endif
+ let b:netrw_lastfile = choice
+
+@@ -1066,14 +1064,13 @@
+ ".........................................
+ " rsync: NetWrite Method #7 {{{3
+ elseif b:netrw_method == 7
+- let netrw_fname= escape(b:netrw_fname,g:netrw_fname_escape)
+ if g:netrw_cygwin == 1
+ let cygtmpfile=substitute(tmpfile,'^\(\a\):','/cygdrive/\1/','e')
+ " call Decho("executing: !".g:netrw_rsync_cmd." ".cygtmpfile." ".g:netrw_machine.":".netrw_fname)
+- exe g:netrw_silentxfer."!".g:netrw_rsync_cmd." ".cygtmpfile." ".g:netrw_machine.":".netrw_fname
++ exe g:netrw_silentxfer."!".g:netrw_rsync_cmd." ".shellescape(cygtmpfile,1)." ".shellescape(g:netrw_machine.":".b:netrw_fname,1)
+ else
+ " call Decho("executing: !".g:netrw_rsync_cmd." ".tmpfile." ".g:netrw_machine.":".netrw_fname)
+- exe g:netrw_silentxfer."!".g:netrw_rsync_cmd." ".tmpfile." ".g:netrw_machine.":".netrw_fname
++ exe g:netrw_silentxfer."!".g:netrw_rsync_cmd." ".shellescape(tmpfile,1)." ".shellescape(g:netrw_machine.":".b:netrw_fname,1)
+ endif
+ let b:netrw_lastfile = choice
+
+@@ -1091,7 +1088,7 @@
+ put ='put '.tmpfile.' '.netrw_fname
+ norm! 1Gdd
+ " call Decho("executing: %!".g:netrw_sftp_cmd.' '.uid_machine)
+- exe g:netrw_silentxfer."%!".g:netrw_sftp_cmd.' '.uid_machine
++ exe g:netrw_silentxfer."%!".g:netrw_sftp_cmd.' '.shellescape(uid_machine,1)
+ bd!
+ let b:netrw_lastfile= choice
+
+@@ -1246,10 +1243,10 @@
+ keepjumps keepalt enew!
+ set ma
+ " call Decho("exe file ".method."://".user.machine."/".escape(path,s:netrw_cd_escape))
+- exe "file ".method."://".user.machine."/".escape(path,s:netrw_cd_escape)
+- exe "silent doau BufReadPre ".fname
++ exe "file ".fnameescape(method."://".user.machine."/".path)
++ exe "silent doau BufReadPre ".fnameescape(fname)
+ silent call netrw#NetRead(2,method."://".user.machine."/".path)
+- exe "silent doau BufReadPost ".fname
++ exe "silent doau BufReadPost ".fnameescape(fname)
+
+ " save certain window-oriented variables into buffer-oriented variables
+ call s:SetBufWinVars()
+@@ -1286,7 +1283,7 @@
+ setlocal bt=nofile bh=wipe nobl noswf
+ exe "setlocal ts=".g:netrw_maxfilenamelen
+ " call Decho("exe file ".escape(bufname,s:netrw_cd_escape))
+- exe 'file '.escape(bufname,s:netrw_cd_escape)
++ exe 'file '.fnameescape(bufname)
+ " call Decho("renaming file to bufname<".bufname.">")
+ setlocal bt=nofile nobl nonu noswf
+ if g:netrw_fastbrowse >= 1
+@@ -1409,7 +1406,7 @@
+ " call Decho("use ssh to get remote file listing")
+ let shq= &shq? &shq : ( &sxq? &sxq : "'")
+ " call Decho("exe silent r! ".listcmd." '".shq.escape(path,s:netrw_cd_escape).shq."'")
+- exe "silent r! ".listcmd." ".shq.escape(path,s:netrw_cd_escape).shq
++ exe "silent r! ".listcmd." ".shellescape(path,1)
+ keepjumps 1d
+ " cleanup
+ if g:netrw_ftp_browse_reject != ""
+@@ -1669,7 +1666,7 @@
+ silent! keepjumps .,$d
+ call s:NetBrowseFtpCmd(a:path,"delete ".rmfile)
+ else
+- let netrw_rm_cmd= substitute(g:netrw_rm_cmd,'HOSTNAME',a:usrhost,'').' "'.escape(a:path.rmfile,s:netrw_cd_escape).'"'
++ let netrw_rm_cmd= substitute(g:netrw_rm_cmd,'HOSTNAME',a:usrhost,'').' '.shellescape(a:path.rmfile)
+ " call Decho("attempt to remove file: system(".netrw_rm_cmd.")")
+ let ret= system(netrw_rm_cmd)
+ " call Decho("returned=".ret." errcode=".v:shell_error)
+@@ -1698,13 +1695,13 @@
+ call s:NetBrowseFtpCmd(a:path,"rmdir ".rmfile)
+ else
+ let rmfile = a:path.rmfile
+- let netrw_rmdir_cmd= substitute(g:netrw_rmdir_cmd,'HOSTNAME',a:usrhost,'').' '."'".'"'.rmfile.'"'."'"
++ let netrw_rmdir_cmd= substitute(g:netrw_rmdir_cmd,'HOSTNAME',a:usrhost,'').' '.shellescape(rmfile)
+ " call Decho("attempt to remove dir: system(".netrw_rmdir_cmd.")")
+ let ret= system(netrw_rmdir_cmd)
+ " call Decho("returned=".ret." errcode=".v:shell_error)
+
+ if v:shell_error != 0
+- let netrw_rmf_cmd= substitute(g:netrw_rmf_cmd,'HOSTNAME',a:usrhost,'').' '.substitute(rmfile,'[\/]$','','e')
++ let netrw_rmf_cmd= substitute(g:netrw_rmf_cmd,'HOSTNAME',a:usrhost,'').' '.shellescape(substitute(rmfile,'[\/]$','','e'))
+ " call Decho("2nd attempt to remove dir: system(".netrw_rmf_cmd.")")
+ let ret= system(netrw_rmf_cmd)
+ " call Decho("returned=".ret." errcode=".v:shell_error)
+@@ -1760,7 +1757,7 @@
+ let oldname= a:path.oldname
+ let newname= a:path.newname
+ " call Decho("system(rename_cmd".' "'.escape(oldname," ").'" "'.escape(newname,s:netrw_cd_escape).'"')
+- let ret= system(rename_cmd.' "'.escape(oldname,s:netrw_cd_escape).'" "'.escape(newname,s:netrw_cd_escape).'"')
++ let ret= system(rename_cmd.' '.shellescape(oldname).' '.shellescape(newname))
+ endif
+
+ let ctr= ctr + 1
+@@ -1837,7 +1834,6 @@
+ if has("win32") || has("win95") || has("win64") || has("win16")
+ let exten= substitute(exten,'^.*$','\L&\E','')
+ endif
+- let fname= escape(a:fname,"%#")
+ " call Decho("fname<".fname."> after escape()")
+
+ " seems kde systems often have gnome-open due to dependencies, even though
+@@ -1859,10 +1855,12 @@
+ " create a local copy
+ let fname= tempname().".".exten
+ " call Decho("a:remote==1: create a local copy of <".a:fname."> as <".fname.">")
+- exe "silent keepjumps bot 1new ".a:fname
++ exe "silent keepjumps bot 1new ".fnameescape(a:fname)
+ set bh=delete
+- exe "w! ".fname
++ exe "w! ".fnameescape(fname)
+ q
++ else
++ let fname= a:fname
+ endif
+ " call Decho("exten<".exten."> "."netrwFileHandlers#NFH_".exten."():exists=".exists("*netrwFileHandlers#NFH_".exten))
+
+@@ -1880,24 +1878,24 @@
+ let ret= netrwFileHandlers#Invoke(exten,fname)
+ else
+ " call Decho("exe silent !".g:netrw_browsex_viewer." '".escape(fname,'%#')."' ".redir)
+- exe "silent !".g:netrw_browsex_viewer." '".escape(fname,'%#')."'".redir
++ exe "silent !".g:netrw_browsex_viewer." ".shellescape(fname,1).redir
+ let ret= v:shell_error
+ endif
+
+ " execute the file handler
+ elseif has("win32") || has("win64")
+ " call Decho('exe silent !start rundll32 url.dll,FileProtocolHandler "'.escape(fname, '%#').'"')
+- exe 'silent !start rundll32 url.dll,FileProtocolHandler "'.escape(fname, '%#').'"'
++ exe 'silent !start rundll32 url.dll,FileProtocolHandler '.shellescape(fname,1)
+ let ret= v:shell_error
+
+ elseif has("unix") && executable("gnome-open") && !s:haskdeinit
+ " call Decho("exe silent !gnome-open '".escape(fname,'%#')."' ".redir)
+- exe "silent !gnome-open '".escape(fname,'%#')."'".redir
++ exe "silent !gnome-open ".shellescape(fname,1).redir
+ let ret= v:shell_error
+
+ elseif has("unix") && executable("kfmclient") && s:haskdeinit
+ " call Decho("exe silent !kfmclient exec '".escape(fname,'%#')."' ".redir)
+- exe "silent !kfmclient exec '".escape(fname,'%#')."' ".redir
++ exe "silent !kfmclient exec ".shellescape(fname,1)." ".redir
+ let ret= v:shell_error
+
+ else
+@@ -1953,15 +1951,15 @@
+ put ='cd \"'.a:path.'\"'
+ " call Decho('ftp: '.getline("."))
+ endif
+- exe "put ='".a:listcmd."'"
++ call setline(line('$')+1,a:listcmd)
+ " call Decho("ftp: ".getline("."))
+ " redraw!|call inputsave()|call input("Pausing...")|call inputrestore()
+ if exists("g:netrw_port") && g:netrw_port != ""
+ " call Decho("exe ".g:netrw_silentxfer.curline.",$!".g:netrw_ftp_cmd." -i ".g:netrw_machine." ".g:netrw_port)
+- exe g:netrw_silentxfer.curline.",$!".g:netrw_ftp_cmd." -i ".g:netrw_machine." ".g:netrw_port
++ exe g:netrw_silentxfer.curline.",$!".g:netrw_ftp_cmd." -i ".shellescape(g:netrw_machine,1)." ".shellescape(g:netrw_port,1)
+ else
+ " call Decho("exe ".g:netrw_silentxfer.curline.",$!".g:netrw_ftp_cmd." -i ".g:netrw_machine)
+- exe g:netrw_silentxfer.curline.",$!".g:netrw_ftp_cmd." -i ".g:netrw_machine
++ exe g:netrw_silentxfer.curline.",$!".g:netrw_ftp_cmd." -i ".shellescape(g:netrw_machine,1)
+ endif
+
+ ".........................................
+@@ -1984,7 +1982,7 @@
+ if a:path != ""
+ put ='cd \"'.a:path.'\"'
+ endif
+- exe "put ='".a:listcmd."'"
++ call setline(line('$')+1,a:listcmd)
+
+ " perform ftp:
+ " -i : turns off interactive prompting from ftp
+@@ -2270,10 +2268,10 @@
+ call mkdir(fullnewdir,"p")
+ else
+ let netrw_origdir= s:NetGetcwd(1)
+- exe 'keepjumps cd '.b:netrw_curdir
++ exe 'keepjumps cd '.fnameescape(b:netrw_curdir)
+ " call Decho("netrw_origdir<".netrw_origdir.">: cd b:netrw_curdir<".b:netrw_curdir.">")
+ " call Decho("exe silent! !".g:netrw_local_mkdir.' "'.newdirname.'"')
+- exe "silent! !".g:netrw_local_mkdir.' "'.newdirname.'"'
++ exe "silent! !".g:netrw_local_mkdir.' '.shellescape(newdirname,1)
+ if !g:netrw_keepdir | exe 'keepjumps cd '.netrw_origdir | endif
+ if !g:netrw_keepdir
+ exe 'keepjumps cd '.netrw_origdir
+@@ -2357,7 +2355,7 @@
+ elseif a:chg == 1
+ " change to the bookmarked directory
+ if exists("g:NETRW_BOOKMARKDIR_{v:count}")
+- exe "e ".g:NETRW_BOOKMARKDIR_{v:count}
++ exe "e ".fnameescape(g:NETRW_BOOKMARKDIR_{v:count})
+ else
+ echomsg "Sorry, bookmark#".v:count." doesn't exist!"
+ endif
+@@ -2410,7 +2408,7 @@
+ endif
+ if exists("g:NETRW_DIRHIST_{g:NETRW_DIRHIST_CNT}")
+ " call Decho("changedir u#".g:NETRW_DIRHIST_CNT."<".g:NETRW_DIRHIST_{g:NETRW_DIRHIST_CNT}.">")
+- exe "e ".g:NETRW_DIRHIST_{g:NETRW_DIRHIST_CNT}
++ exe "e ".fnameescape(g:NETRW_DIRHIST_{g:NETRW_DIRHIST_CNT})
+ else
+ let g:NETRW_DIRHIST_CNT= ( g:NETRW_DIRHIST_CNT + 1 ) % g:netrw_dirhistmax
+ echo "Sorry, no predecessor directory exists yet"
+@@ -2421,7 +2419,7 @@
+ let g:NETRW_DIRHIST_CNT= ( g:NETRW_DIRHIST_CNT + 1 ) % g:netrw_dirhistmax
+ if exists("g:NETRW_DIRHIST_{g:NETRW_DIRHIST_CNT}")
+ " call Decho("changedir U#".g:NETRW_DIRHIST_CNT."<".g:NETRW_DIRHIST_{g:NETRW_DIRHIST_CNT}.">")
+- exe "e ".g:NETRW_DIRHIST_{g:NETRW_DIRHIST_CNT}
++ exe "e ".fnameescape(g:NETRW_DIRHIST_{g:NETRW_DIRHIST_CNT})
+ else
+ let g:NETRW_DIRHIST_CNT= ( g:NETRW_DIRHIST_CNT - 1 ) % g:netrw_dirhistmax
+ if g:NETRW_DIRHIST_CNT < 0
+@@ -2498,10 +2496,10 @@
+ " call Decho("ftp: quit")
+ if exists("g:netrw_port") && g:netrw_port != ""
+ " call Decho("exe ".g:netrw_silentxfer.endline.",$!".g:netrw_ftp_cmd." -i ".g:netrw_machine." ".g:netrw_port)
+- exe g:netrw_silentxfer.endline.",$!".g:netrw_ftp_cmd." -i ".g:netrw_machine." ".g:netrw_port
++ exe g:netrw_silentxfer.endline.",$!".g:netrw_ftp_cmd." -i ".shellescape(g:netrw_machine,1)." ".shellescape(g:netrw_port,1)
+ else
+ " call Decho("exe ".g:netrw_silentxfer.endline.",$!".g:netrw_ftp_cmd." -i ".g:netrw_machine)
+- exe g:netrw_silentxfer.endline.",$!".g:netrw_ftp_cmd." -i ".g:netrw_machine
++ exe g:netrw_silentxfer.endline.",$!".g:netrw_ftp_cmd." -i ".shellescape(g:netrw_machine,1)
+ endif
+
+ ".........................................
+@@ -2581,10 +2579,10 @@
+ if g:netrw_cygwin == 1
+ let cygtmpfile=substitute(tmpfile,'^\(\a\):','/cygdrive/\1/','e')
+ " call Decho("executing: !".g:netrw_scp_cmd.useport." ".g:netrw_machine.":".path.escape(fname,' ?&')." .")
+- exe g:netrw_silentxfer."!".g:netrw_scp_cmd.useport." ".g:netrw_machine.":".path.escape(fname,' ?&')." ."
++ exe g:netrw_silentxfer."!".g:netrw_scp_cmd.useport." ".shellescape(g:netrw_machine.":".path.fname,1)." ."
+ else
+ " call Decho("executing: !".g:netrw_scp_cmd.useport." ".g:netrw_machine.":".path.escape(fname,' ?&')." .")
+- exe g:netrw_silentxfer."!".g:netrw_scp_cmd.useport." ".g:netrw_machine.":".path.escape(fname,' ?&')." ."
++ exe g:netrw_silentxfer."!".g:netrw_scp_cmd.useport." ".shellescape(g:netrw_machine.":".path.fname,1)." ."
+ endif
+ endif
+
+@@ -2803,7 +2801,7 @@
+
+ call s:NetOptionSave()
+ if exists("w:acdkeep") && w:acdkeep
+- exe 'cd '.escape(a:dirname,s:netrw_cd_escape)
++ exe 'cd '.fnameescape(a:dirname)
+ " call Decho("cd ".escape(a:dirname,s:netrw_cd_escape))
+ " call Decho("getcwd<".getcwd().">")
+ endif
+@@ -2853,7 +2851,7 @@
+ if exists("s:last_sort_by") && g:netrw_sort_by == s:last_sort_by
+ if getline(2) =~ '^" Netrw Directory Listing '
+ if !g:netrw_keepdir
+- exe 'cd '.escape(b:netrw_curdir,s:netrw_cd_escape)
++ exe 'cd '.fnameescape(b:netrw_curdir)
+ " call Decho("netrw_keepdir=".g:netrw_keepdir.": cd ".escape(b:netrw_curdir,s:netrw_cd_escape))
+ endif
+ call s:NetOptionRestore()
+@@ -2887,7 +2885,7 @@
+ if !g:netrw_keepdir
+ " call Decho("netrw_keepdir=".g:netrw_keepdir.": cd ".escape(b:netrw_curdir,s:netrw_cd_escape))
+ try
+- exe 'cd '.escape(b:netrw_curdir,s:netrw_cd_escape)
++ exe 'cd '.fnameescape(b:netrw_curdir)
+ catch /^Vim\%((\a\+)\)\=:E472/
+ echohl Error | echo "***netrw*** unable to change directory to <".b:netrw_curdir."> (permissions?)" | echohl None
+ call inputsave()|call input("Press <cr> to continue")|call inputrestore()
+@@ -2905,7 +2903,7 @@
+ " Hmm. When another vim is open to the same directory, I get
+ " a "Press ENTER" ... ok, setting "noswf" avoids it.
+ " call Decho('exe silent! file '.escape(b:netrw_curdir,s:netrw_cd_escape))
+- exe 'silent! file '.escape(b:netrw_curdir,s:netrw_cd_escape)
++ exe 'silent! file '.fnameescape(b:netrw_curdir)
+
+ " make this buffer not-a-file, modifiable, not line-numbered, etc
+ setlocal bt=nofile nobl ma nonu noswf nowrap
+@@ -3216,7 +3214,7 @@
+ " handling a file, didn't split, so possibly remove menu
+ call s:NetMenu(0)
+ endif
+- exe "e! ".escape(dirname,s:netrw_cd_escape)
++ exe "e! ".fnameescape(dirname)
+ set ma nomod
+ endif
+
+@@ -3254,7 +3252,7 @@
+ for ibuf in s:netrw_browselist
+ if bufwinnr(ibuf) == -1
+ " call Decho("wiping buf#".ibuf)
+- exe "silent! bw ".ibuf
++ exe "silent! bw ".fnameescape(ibuf)
+ call remove(s:netrw_browselist,ibl)
+ " call Decho("browselist=".string(s:netrw_browselist))
+ continue
+@@ -3345,7 +3343,7 @@
+
+ if all || ok =~ 'y\%[es]' || ok == ""
+ " call Decho("1st attempt: system(".g:netrw_local_rmdir.' "'.rmfile.'")')
+- call system(g:netrw_local_rmdir.' "'.rmfile.'"')
++ call system(g:netrw_local_rmdir.' '.shellescape(rmfile))
+ " call Decho("v:shell_error=".v:shell_error)
+
+ if v:shell_error != 0
+@@ -3356,7 +3354,7 @@
+ if errcode != 0
+ if has("unix")
+ " call Decho("3rd attempt to remove directory<".rmfile.">")
+-call system("rm ".rmfile)
++call system("rm ".shellescape(rmfile))
+ if v:shell_error != 0 && !exists("g:netrw_quiet")
+ echohl Error | echo "***netrw*** unable to remove directory<".rmfile."> -- is it empty?" | echohl None
+ call inputsave()|call input("Press <cr> to continue")|call inputrestore()
+@@ -3500,7 +3498,7 @@
+ " call Dfunc("LocalPreview(path<".a:path.">)")
+ if has("quickfix")
+ if !isdirectory(a:path)
+- exe "pedit ".escape(a:path,g:netrw_fname_escape)
++ exe "pedit ".fnameescape(a:path)
+ elseif !exists("g:netrw_quiet")
+ echohl WarningMsg | echo "***netrw*** sorry, cannot preview a directory such as <".a:path.">" | echohl None
+ call inputsave()|call input("Press <cr> to continue")|call inputrestore()
+@@ -3640,7 +3638,7 @@
+ let s:netrw_curdir= b:netrw_curdir
+ let w:netrw_explore_list = map(getqflist(),'s:netrw_curdir."/".bufname(v:val.bufnr)')
+ else
+- exe "vimgrep /".pattern."/gj ".b:netrw_curdir."/*"
++ exe "vimgrep /".pattern."/gj ".fnameescpae(b:netrw_curdir)."/*"
+ if (has("win32") || has("win95") || has("win64") || has("win16"))
+ let w:netrw_explore_list = map(getqflist(),'bufname(v:val.bufnr)')
+ else
+@@ -3797,7 +3795,7 @@
+ let curdir= curdir.'/'
+ endif
+ if a:doesc
+- let curdir= escape(curdir,s:netrw_cd_escape)
++ let curdir= fnameescape(curdir)
+ endif
+ " call Dret("NetGetcwd <".curdir.">")
+ return curdir
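Review bot: The added `vimgrep` line in the inner `@@ -3640,7 +3638,7 @@` hunk calls `fnameescpae(b:netrw_curdir)`, a misspelling of `fnameescape`, so that path fails with an unknown-function error instead of escaping the directory; the new guard near the top of the file likewise ends with `echonl None` where `echohl None` is meant. In the sftp read branch (`@@ -675,15 +676,14 @@`) the `let netrw_fname=` assignment is removed but both new `exe` lines still pass `netrw_fname` to `shellescape()`; unless it is set elsewhere in the function, which the hunk does not show, they should use `b:netrw_fname` like the scp and rsync branches. In the ftp read branch `shellescape(g:netrw_machine." ".g:netrw_port,1)` quotes host and port as one shell word, whereas the ftp write and browse branches escape them separately as `shellescape(g:netrw_machine,1)." ".shellescape(g:netrw_port,1)`. Wrapping `v:cmdarg` in `fnameescape()` on the read and `w!` commands also looks wrong, because it holds `++opt` arguments rather than a filename and fnameescape() escapes a leading `+`; I would leave `v:cmdarg` as it was and escape only `tfile`/`tmpfile`. The remote delete and rename commands now quote the path once, for the local shell only; if `g:netrw_rm_cmd` and its siblings run through ssh, as the `HOSTNAME` substitution suggests, the remote shell parses the argument again and `a:usrhost` is still inserted unescaped, so those calls deserve a follow-up check.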
diff --git a/patches/series b/patches/series
index 4c6dcf2..99afb2e 100644
--- a/patches/series
+++ b/patches/series
@@ -21,3 +21,4 @@ option.c-foldnestmax_check.diff -p0
CVE-2008-2712-xpm.vim.diff -p0
CVE-2008-2712-zip.vim.diff -p0
CVE-2008-3074-tar.vim.diff -p0
+CVE-2008-2712-netrw.vim.diff -p0
--
Vim packaging