Commit: patch 9.2.0156: perleval() and rubyeval() ignore security settings
0 views
Skip to first unread message
Christian Brabandt
Mar 13, 2026, 5:32:02 PM (10 days ago) Mar 13
to vim...@googlegroups.com
patch 9.2.0156: perleval() and rubyeval() ignore security settings
Commit: https://github.com/vim/vim/commit/fba75cad9afd4bc5beb8acb0a7436c78c61b1214
Author: pyllyukko <pyll...@maimed.org>
Date: Fri Mar 13 21:15:44 2026 +0000
patch 9.2.0156: perleval() and rubyeval() ignore security settings
Problem: perleval() and rubyeval() ignore security settings
Solution: Disable those functions in restricted (-Z) or 'secure' mode
(pyllyukko).
closes: #19664
Signed-off-by: pyllyukko <pyll...@maimed.org>
Signed-off-by: Christian Brabandt <c...@256bit.org>
diff --git a/src/evalfunc.c b/src/evalfunc.c
index 9b7008415..6d40794c0 100644
--- a/src/evalfunc.c
+++ b/src/evalfunc.c
@@ -9895,6 +9895,9 @@ f_perleval(typval_T *argvars, typval_T *rettv)
char_u *str;
char_u buf[NUMBUFLEN];
+ if (check_restricted() || check_secure())
+ return;
+
if (in_vim9script() && check_for_string_arg(argvars, 0) == FAIL)
return;
@@ -10824,6 +10827,9 @@ f_rubyeval(typval_T *argvars, typval_T *rettv)
char_u *str;
char_u buf[NUMBUFLEN];
+ if (check_restricted() || check_secure())
+ return;
+
if (in_vim9script() && check_for_string_arg(argvars, 0) == FAIL)
return;
diff --git a/src/version.c b/src/version.c
index c9de55cde..3676c461b 100644
--- a/src/version.c
+++ b/src/version.c
@@ -734,6 +734,8 @@ static char *(features[]) =
static int included_patches[] =
{ /* Add new patch number below this line */
+/**/
+ 156,
/**/
155,
/**/
Commit: https://github.com/vim/vim/commit/fba75cad9afd4bc5beb8acb0a7436c78c61b1214
Author: pyllyukko <pyll...@maimed.org>
Date: Fri Mar 13 21:15:44 2026 +0000
patch 9.2.0156: perleval() and rubyeval() ignore security settings
Problem: perleval() and rubyeval() ignore security settings
Solution: Disable those functions in restricted (-Z) or 'secure' mode
(pyllyukko).
closes: #19664
Signed-off-by: pyllyukko <pyll...@maimed.org>
Signed-off-by: Christian Brabandt <c...@256bit.org>
diff --git a/src/evalfunc.c b/src/evalfunc.c
index 9b7008415..6d40794c0 100644
--- a/src/evalfunc.c
+++ b/src/evalfunc.c
@@ -9895,6 +9895,9 @@ f_perleval(typval_T *argvars, typval_T *rettv)
char_u *str;
char_u buf[NUMBUFLEN];
+ if (check_restricted() || check_secure())
+ return;
+
if (in_vim9script() && check_for_string_arg(argvars, 0) == FAIL)
return;
@@ -10824,6 +10827,9 @@ f_rubyeval(typval_T *argvars, typval_T *rettv)
char_u *str;
char_u buf[NUMBUFLEN];
+ if (check_restricted() || check_secure())
+ return;
+
if (in_vim9script() && check_for_string_arg(argvars, 0) == FAIL)
return;
diff --git a/src/version.c b/src/version.c
index c9de55cde..3676c461b 100644
--- a/src/version.c
+++ b/src/version.c
@@ -734,6 +734,8 @@ static char *(features[]) =
static int included_patches[] =
{ /* Add new patch number below this line */
+/**/
+ 156,
/**/
155,
/**/
Reply all
Reply to author
Forward
0 new messages