From: Bram Moolenaar Date: Thu, 9 Mar 2017 18:21:30 +0000 (+0100) Subject: patch 8.0.0442: patch shell command not well escaped X-Git-Tag: v8.0.0442 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=1ef73e33c9414eb02c229d8234aafd9d481a8856;p=vim patch 8.0.0442: patch shell command not well escaped Problem: Patch shell command uses double quotes around the argument, which allows for $HOME to be expanded. (Etienne) Solution: Use single quotes on Unix. (closes #1543) --- diff --git a/src/diff.c b/src/diff.c index b64b45ce9..7b81feba7 100644 --- a/src/diff.c +++ b/src/diff.c @@ -977,7 +977,12 @@ ex_diffpatch(exarg_T *eap) { /* Build the patch command and execute it. Ignore errors. Switch to * cooked mode to allow the user to respond to prompts. */ - vim_snprintf((char *)buf, buflen, "patch -o %s %s < \"%s\"", + vim_snprintf((char *)buf, buflen, +#ifdef UNIX + "patch -o %s %s < '%s'", +#else + "patch -o %s %s < \"%s\"", +#endif tmp_new, tmp_orig, # ifdef UNIX fullname != NULL ? fullname : diff --git a/src/testdir/test_diffmode.vim b/src/testdir/test_diffmode.vim index 73f944bce..c23e8a1da 100644 --- a/src/testdir/test_diffmode.vim +++ b/src/testdir/test_diffmode.vim @@ -318,9 +318,20 @@ func Test_diffpatch() bwipe! new call assert_fails('diffpatch Xpatch', 'E816:') - call setline(1, ['1', '2', '3']) - diffpatch Xpatch - call assert_equal(['1', '2x', '3', '4'], getline(1, '$')) + + for name in ['Xpatch', 'Xpatch$HOME'] + call setline(1, ['1', '2', '3']) + if name != 'Xpatch' + call rename('Xpatch', name) + endif + exe 'diffpatch ' . escape(name, '$') + call assert_equal(['1', '2x', '3', '4'], getline(1, '$')) + if name != 'Xpatch' + call rename(name, 'Xpatch') + endif + bwipe! + endfor + call delete('Xpatch') bwipe! endfunc diff --git a/src/version.c b/src/version.c index aee70ef65..0f7b4e499 100644 --- a/src/version.c +++ b/src/version.c @@ -764,6 +764,8 @@ static char *(features[]) = static int included_patches[] = { /* Add new patch number below this line */ +/**/ + 442, /**/ 441, /**/