mirror of
https://github.com/vim/vim.git
synced 2025-07-26 11:04:33 -04:00
816fbcc262
Problem: runtime files may execute code in current dir Solution: only execute, if not run from current directory The perl, zig and ruby filetype plugins and the zip and gzip autoload plugins may try to load malicious executable files from the current working directory. This is especially a problem on windows, where the current directory is implicitly in your $PATH and windows may even run a file with the extension `.bat` because of $PATHEXT. So make sure that we are not trying to execute a file from the current directory. If this would be the case, error out (for the zip and gzip) plugins or silently do not run those commands (for the ftplugins). This assumes, that only the current working directory is bad. For all other directories, it is assumed that those directories were intentionally set to the $PATH by the user. Signed-off-by: Christian Brabandt <cb@256bit.org>
69 lines
1.6 KiB
VimL
69 lines
1.6 KiB
VimL
" Vim filetype plugin file
|
|
" Language: Zig
|
|
" Upstream: https://github.com/ziglang/zig.vim
|
|
|
|
" Only do this when not done yet for this buffer
|
|
if exists("b:did_ftplugin")
|
|
finish
|
|
endif
|
|
|
|
let b:did_ftplugin = 1
|
|
|
|
let s:cpo_orig = &cpo
|
|
set cpo&vim
|
|
|
|
compiler zig_build
|
|
|
|
" Match Zig builtin fns
|
|
setlocal iskeyword+=@-@
|
|
|
|
" Recommended code style, no tabs and 4-space indentation
|
|
setlocal expandtab
|
|
setlocal tabstop=8
|
|
setlocal softtabstop=4
|
|
setlocal shiftwidth=4
|
|
|
|
setlocal formatoptions-=t formatoptions+=croql
|
|
|
|
setlocal suffixesadd=.zig,.zir
|
|
|
|
if has('comments')
|
|
setlocal comments=:///,://!,://,:\\\\
|
|
setlocal commentstring=//\ %s
|
|
endif
|
|
|
|
if has('find_in_path')
|
|
let &l:includeexpr='substitute(v:fname, "^([^.])$", "\1.zig", "")'
|
|
let &l:include='\v(\@import>|\@cInclude>|^\s*\#\s*include)'
|
|
endif
|
|
|
|
let &l:define='\v(<fn>|<const>|<var>|^\s*\#\s*define)'
|
|
|
|
" Safety check: don't execute zip from current directory
|
|
if !exists('g:zig_std_dir') && exists('*json_decode') &&
|
|
\ executable('zig') && fnamemodify(exepath("zig"), ":p:h") != getcwd()
|
|
silent let s:env = system('zig env')
|
|
if v:shell_error == 0
|
|
let g:zig_std_dir = json_decode(s:env)['std_dir']
|
|
endif
|
|
unlet! s:env
|
|
endif
|
|
|
|
if exists('g:zig_std_dir')
|
|
let &l:path = &l:path . ',' . g:zig_std_dir
|
|
endif
|
|
|
|
let b:undo_ftplugin =
|
|
\ 'setl isk< et< ts< sts< sw< fo< sua< mp< com< cms< inex< inc< pa<'
|
|
|
|
augroup vim-zig
|
|
autocmd! * <buffer>
|
|
autocmd BufWritePre <buffer> if get(g:, 'zig_fmt_autosave', 1) | call zig#fmt#Format() | endif
|
|
augroup END
|
|
|
|
let b:undo_ftplugin .= '|au! vim-zig * <buffer>'
|
|
|
|
let &cpo = s:cpo_orig
|
|
unlet s:cpo_orig
|
|
" vim: tabstop=8 shiftwidth=4 softtabstop=4 expandtab
|