Skip to content

Commit

Permalink
Merge pull request #578 from av3r4ge/plugin-names-security-enhancement
Browse files Browse the repository at this point in the history
Prevent insecure plugin names.
  • Loading branch information
jdevera committed Mar 21, 2015
2 parents 34a3077 + 2506347 commit cfd3b2d
Showing 1 changed file with 4 additions and 1 deletion.
5 changes: 4 additions & 1 deletion autoload/vundle/config.vim
Original file line number Diff line number Diff line change
Expand Up @@ -97,6 +97,9 @@ funct! s:check_bundle_name(bundle)
\ ' previously used the name "' . a:bundle.name . '"' .
\ '. Skipping Plugin ' . a:bundle.name_spec . '.'
return 0
elseif a:bundle.name !~ '\v^[A-Za-z0-9_-]%(\.?[A-Za-z0-9_-])*$'
echoerr 'Invalid plugin name: ' . a:bundle.name
return 0
endif
let s:bundle_names[a:bundle.name] = a:bundle.name_spec
return 1
Expand Down Expand Up @@ -262,7 +265,7 @@ let s:bundle = {}
" return -- the target location to clone this bundle to
" ---------------------------------------------------------------------------
func! s:bundle.path()
return s:expand_path(g:vundle#bundle_dir.'/'.self.name)
return s:expand_path(g:vundle#bundle_dir.'/') . self.name
endf


Expand Down

0 comments on commit cfd3b2d

Please sign in to comment.