Commit: patch 9.2.0736: potential command execution in PHP omni-completion


Christian Brabandt

4:45 AM
to vim...@googlegroups.com
patch 9.2.0736: potential command execution in PHP omni-completion

Commit: https://github.com/vim/vim/commit/43afc581a37a35762dd0ef292f038b9dc5680a24
Author: Hirohito Higashi <h.eas...@gmail.com>
Date: Fri Jun 26 20:07:01 2026 +0900

patch 9.2.0736: potential command execution in PHP omni-completion

Problem: With PHP omni-completion, a crafted file can potentially
execute arbitrary commands when completing a class member.
Solution: Quote the class name before inserting it into the search()
pattern run via win_execute().

Co-Authored-By: Claude Opus 4.8 (1M context) <nor...@anthropic.com>
Signed-off-by: Hirohito Higashi <h.eas...@gmail.com>
Signed-off-by: Christian Brabandt <c...@256bit.org>

diff --git a/runtime/autoload/phpcomplete.vim b/runtime/autoload/phpcomplete.vim
index 5b4263ae4..93f7d8b45 100644
--- a/runtime/autoload/phpcomplete.vim
+++ b/runtime/autoload/phpcomplete.vim
@@ -2082,7 +2082,8 @@ function! phpcomplete#GetClassContentsStructure(file_path, file_lines, class_nam
let result = []
let popup_id = popup_create(a:file_lines, {'hidden': v:true})

- call win_execute(popup_id, 'call search(''
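Review bot: the removed line `call win_execute(popup_id, 'call search(''` assembles an Ex command as a string, so the class name passes through two parsing layers (the quoted string handed to win_execute() and the search() pattern), and the quoting in the replacement has to hold at both. The added lines are cut off in this excerpt, so confirm that the name is quoted with string() rather than wrapped in hand-written quotes, and that pattern metacharacters in it are escaped or matched literally with \V. A regression test that runs completion against a class name containing a quote character would keep this from reappearing; none is visible in the part of the patch shown here.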