Loading ...
Sorry, an error occurred while loading the content.
 

Fwd: Re: Collection of Vulnerabilities in Fully Patched Vim 7.1

Expand Messages
  • Bram Moolenaar
    ... I did see it. Thanks for the followup. The problem with the zip plugin was a mistake in the script, using has() instead of exists(). Has already been
    Message 1 of 3 , Jul 2, 2008
      Jan Minar wrote:

      > Looks like this didn't go through, so here it is again:

      I did see it. Thanks for the followup.

      The problem with the zip plugin was a mistake in the script, using has()
      instead of exists(). Has already been fixed, but it's not distributed
      yet.

      The problem with not escaping %, # and a few others needs to be solved.
      When using "!cmd arg" these characters need to be escaped. However,
      when using system() they must not be escaped, since the backslashes
      won't be removed.

      We could add an optional argument to shellescape() to indicate it's for
      system() or for ":!cmd". With one of them being the default.

      Another way would be to have two functions. Naming them isn't easy
      though. bangescape() and systemescape()?

      I think I prefer adding an argument to shellescape(). That way it's
      also clearer there is a choice if you read the docs.

      --
      hundred-and-one symptoms of being an internet addict:
      139. You down your lunch in five minutes, at your desk, so you can
      spend the rest of the hour surfing the Net.

      /// Bram Moolenaar -- Bram@... -- http://www.Moolenaar.net \\\
      /// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
      \\\ download, build and distribute -- http://www.A-A-P.org ///
      \\\ help me help AIDS victims -- http://ICCF-Holland.org ///

      --~--~---------~--~----~------------~-------~--~----~
      You received this message from the "vim_dev" maillist.
      For more information, visit http://www.vim.org/maillist.php
      -~----------~----~----~----~------~----~------~--~---
    Your message has been successfully submitted and would be delivered to recipients shortly.