[vim/vim] runtime(tar): force wrapping on search() (PR #19333)

1 view

Skip to first unread message

Kevin Goodsell

unread,

1:56 PM (5 hours ago) 1:56 PM

to vim/vim, Subscribed

Problem: search() is used to check for the message from tar that indicates leading slashes found in the tar archive, or to check for the leading slashes themselves. However, if 'nowrapscan' is in effect these searches are limited to the last line and don't find any results. This causes the warning message from tar to be seen in the buffer, the "Path Traversal Attack Detected" message to be omitted, and editing actions can fail. This can be seen, for example, when editing src/testdir/samples/evil.tar.

Solution: Use the 'w' flag for search().

You can view, comment on, or merge this pull request online at:

https://github.com/vim/vim/pull/19333

Commit Summary

991f658 runtime(tar): force wrapping on search()

File Changes

(1 file)

M runtime/autoload/tar.vim (2)

Patch Links:

—
Reply to this email directly, view it on GitHub.
You are receiving this because you are subscribed to this thread.

Reply all

Reply to author

Forward

0 new messages