From 2506347586621114ccb6fedb7f93a560fc19c691 Mon Sep 17 00:00:00 2001 From: Shahaf Arad Date: Fri, 13 Mar 2015 20:00:47 +0200 Subject: [PATCH] Prevent insecure plugin names. Plugins' names which contain '../', '$HOME', '%:h:h', '..\', etc. can be dangerous. Use a sensible whitelist for plugin names and prevent its expansion. --- autoload/vundle/config.vim | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/autoload/vundle/config.vim b/autoload/vundle/config.vim index 8467b9f..0e02b11 100644 --- a/autoload/vundle/config.vim +++ b/autoload/vundle/config.vim @@ -97,6 +97,9 @@ funct! s:check_bundle_name(bundle) \ ' previously used the name "' . a:bundle.name . '"' . \ '. Skipping Plugin ' . a:bundle.name_spec . '.' return 0 + elseif a:bundle.name !~ '\v^[A-Za-z0-9_-]%(\.?[A-Za-z0-9_-])*$' + echoerr 'Invalid plugin name: ' . a:bundle.name + return 0 endif let s:bundle_names[a:bundle.name] = a:bundle.name_spec return 1 @@ -262,7 +265,7 @@ let s:bundle = {} " return -- the target location to clone this bundle to " --------------------------------------------------------------------------- func! s:bundle.path() - return s:expand_path(g:vundle#bundle_dir.'/'.self.name) + return s:expand_path(g:vundle#bundle_dir.'/') . self.name endf