Zsh Mailing List Archive
Messages sorted by: Reverse Date, Date, Thread, Author

PATCH: security tests



Some builtins in computil didn't check if they were called from a
completion function. Tsk tsk tsk.

Bye
 Sven

Index: Src/Zle/computil.c
===================================================================
RCS file: /cvsroot/zsh/zsh/Src/Zle/computil.c,v
retrieving revision 1.41
diff -u -r1.41 computil.c
--- Src/Zle/computil.c	2000/08/08 12:11:42	1.41
+++ Src/Zle/computil.c	2000/08/14 08:14:10
@@ -2587,6 +2587,10 @@
     struct value vbuf;
     Value v;
 
+    if (incompfunc != 1) {
+	zwarnnam(nam, "can only be called from completion function", NULL, 0);
+	return 1;
+    }
     /* Anything to do? */
 
     if (!compqstack || !*compqstack)
@@ -3547,6 +3551,10 @@
 static int
 bin_compfiles(char *nam, char **args, char *ops, int func)
 {
+    if (incompfunc != 1) {
+	zwarnnam(nam, "can only be called from completion function", NULL, 0);
+	return 1;
+    }
     if (**args != '-') {
 	zwarnnam(nam, "missing option: %s", *args, 0);
 	return 1;
@@ -3640,6 +3648,10 @@
     Heap oldheap;
     char *n;
 
+    if (incompfunc != 1) {
+	zwarnnam(nam, "can only be called from completion function", NULL, 0);
+	return 1;
+    }
     SWITCHHEAPS(oldheap, compheap) {
 	while ((n = *args++)) {
 	    endcmgroup(NULL);

--
Sven Wischnowsky                         wischnow@xxxxxxxxxxxxxxxxxxxxxxx



Messages sorted by: Reverse Date, Date, Thread, Author