commit 0a3d615b1ca17cda978b89d66acef39b90ee7c81
parent 19da1071dca51d0045dd66fbe2a594dfd6c1c445
Author: deforde <7503504+deforde@users.noreply.github.com>
Date: Sun, 15 May 2022 22:06:23 +0200
fix(api): nvim_eval_statusline should validate input #18347
Fix #18112
Make an exception for strings starting with "%!".
Diffstat:
2 files changed, 12 insertions(+), 0 deletions(-)
diff --git a/src/nvim/api/vim.c b/src/nvim/api/vim.c
@@ -2276,6 +2276,14 @@ Dictionary nvim_eval_statusline(String str, Dict(eval_statusline) *opts, Error *
bool use_tabline = false;
bool highlights = false;
+ if (str.size < 2 || memcmp(str.data, "%!", 2)) {
+ const char *const errmsg = check_stl_option((char_u *)str.data);
+ if (errmsg) {
+ api_set_error(err, kErrorTypeValidation, "%s", errmsg);
+ return result;
+ }
+ }
+
if (HAS_KEY(opts->winid)) {
if (opts->winid.type != kObjectTypeInteger) {
api_set_error(err, kErrorTypeValidation, "winid must be an integer");
diff --git a/test/functional/api/vim_spec.lua b/test/functional/api/vim_spec.lua
@@ -3044,6 +3044,10 @@ describe('API', function()
eq('fillchar must be a single character',
pcall_err(meths.eval_statusline, '', { fillchar = 1 }))
end)
+ it('rejects invalid string', function()
+ eq('E539: Illegal character <}>',
+ pcall_err(meths.eval_statusline, '%{%}', {}))
+ end)
describe('highlight parsing', function()
it('works', function()
eq({
