vim/vim-7.1.314-CVE-2009-0316-debian.patch

53 lines
1.7 KiB
Diff
Raw Normal View History

diff -p -up ./src/if_python.c.tv ./src/if_python.c
--- ./src/if_python.c.tv 2009-02-25 09:58:07.000000000 +0100
+++ ./src/if_python.c 2009-02-25 09:58:11.000000000 +0100
@@ -394,6 +394,7 @@ static PyInt RangeEnd;
static void PythonIO_Flush(void);
static int PythonIO_Init(void);
static int PythonMod_Init(void);
+static void Python_FixPath(void);
/* Utility functions for the vim/python interface
* ----------------------------------------------
@@ -537,6 +538,11 @@ Python_Init(void)
* the current directory in sys.path. */
PyRun_SimpleString("import sys; sys.path = filter(lambda x: x != '/must>not&exist', sys.path)");
+ /* Remove empty elements from sys.path since that causes the PWD to be
+ * used for imports, possibly masking system libraries and/or running
+ * arbitrary code. */
+ Python_FixPath();
+
/* the first python thread is vim's, release the lock */
Python_SaveThread();
@@ -2390,6 +2396,28 @@ PythonMod_Init(void)
return 0;
}
+ static void
+Python_FixPath(void)
+{
+ PyObject *sys = PyImport_ImportModule("sys");
+ PyObject *sysdict = PyModule_GetDict(sys);
+ PyObject *path = PyDict_GetItemString(sysdict, "path");
+ PyObject *newpath = PyList_New(0);
+ if (newpath != NULL) {
+ Py_INCREF(newpath);
+ PyInt n = PyList_Size(path);
+ PyInt i;
+ for (i = 0; i < n; i++) {
+ PyObject *item = PyList_GetItem(path, i);
+ if (strlen(PyString_AsString(item)) != 0) {
+ PyList_Append(newpath, PyList_GetItem(path, i));
+ }
+ }
+ PyDict_SetItemString(sysdict, "path", newpath);
+ Py_DECREF(newpath);
+ }
+}
+
/*************************************************************************
* 4. Utility functions for handling the interface between Vim and Python.
*/