diff --git a/srcpkgs/neovim/patches/CVE-2016-1248.patch b/srcpkgs/neovim/patches/CVE-2016-1248.patch new file mode 100644 index 00000000000..0748a67d688 --- /dev/null +++ b/srcpkgs/neovim/patches/CVE-2016-1248.patch @@ -0,0 +1,71 @@ +From 177272f1f76565205c5c381bdf7dd020d7c5a5a8 Mon Sep 17 00:00:00 2001 +From: James McCoy +Date: Sun, 20 Nov 2016 08:42:38 -0700 +Subject: [PATCH] vim-patch:8.0.0056 + +Problem: When setting 'filetype' there is no check for a valid name. +Solution: Only allow valid characters in 'filetype', 'syntax' and 'keymap'. + +https://github.com/vim/vim/commit/d0b5138ba4bccff8a744c99836041ef6322ed39a +--- + src/nvim/option.c | 33 ++++++++++++++++++++++++++++----- + 1 file changed, 28 insertions(+), 5 deletions(-) + +diff --git src/nvim/option.c src/nvim/option.c +index 5f338ea..24444ee 100644 +--- src/nvim/option.c ++++ src/nvim/option.c +@@ -2389,6 +2389,18 @@ static char *set_string_option(const int opt_idx, const char *const value, + return r; + } + ++/// Return true if "val" is a valid 'filetype' name. ++/// Also used for 'syntax' and 'keymap'. ++static bool valid_filetype(char_u *val) ++{ ++ for (char_u *s = val; *s != NUL; s++) { ++ if (!ASCII_ISALNUM(*s) && vim_strchr((char_u *)".-_", *s) == NULL) { ++ return false; ++ } ++ } ++ return true; ++} ++ + /* + * Handle string options that need some action to perform when changed. + * Returns NULL for success, or an error message for an error. +@@ -2620,8 +2632,12 @@ did_set_string_option ( + xfree(p_penc); + p_penc = p; + } else if (varp == &curbuf->b_p_keymap) { +- /* load or unload key mapping tables */ +- errmsg = keymap_init(); ++ if (!valid_filetype(*varp)) { ++ errmsg = e_invarg; ++ } else { ++ // load or unload key mapping tables ++ errmsg = keymap_init(); ++ } + + if (errmsg == NULL) { + if (*curbuf->b_p_keymap != NUL) { +@@ -3110,9 +3126,16 @@ did_set_string_option ( + else if (gvarp == &p_cino) { + /* TODO: recognize errors */ + parse_cino(curbuf); +- } +- /* Options that are a list of flags. */ +- else { ++ } else if (gvarp == &p_ft) { ++ if (!valid_filetype(*varp)) { ++ errmsg = e_invarg; ++ } ++ } else if (gvarp == &p_syn) { ++ if (!valid_filetype(*varp)) { ++ errmsg = e_invarg; ++ } ++ } else { ++ // Options that are a list of flags. + p = NULL; + if (varp == &p_ww) + p = (char_u *)WW_ALL; diff --git a/srcpkgs/neovim/template b/srcpkgs/neovim/template index 5d91729103f..88f507549a7 100644 --- a/srcpkgs/neovim/template +++ b/srcpkgs/neovim/template @@ -1,7 +1,7 @@ # Template file for 'neovim' pkgname=neovim version=0.1.6 -revision=1 +revision=2 build_style=cmake configure_args="-DENABLE_JEMALLOC=0" hostmakedepends="gperf lua51-lpeg lua51-mpack lua51-BitOp"