diff --git a/src/nvim/main.c b/src/nvim/main.c index d4fbf8ce93..f27ebb2f67 100644 --- a/src/nvim/main.c +++ b/src/nvim/main.c @@ -250,6 +250,11 @@ int main(int argc, char **argv) argv0 = argv[0]; + if (!appname_is_valid()) { + os_errmsg("$NVIM_APPNAME is not a valid file name.\n"); + exit(1); + } + if (argc > 1 && STRICMP(argv[1], "-ll") == 0) { if (argc == 2) { print_mainerr(err_arg_missing, argv[1]); diff --git a/src/nvim/os/stdpaths.c b/src/nvim/os/stdpaths.c index 8b62b9e895..53ddda22fa 100644 --- a/src/nvim/os/stdpaths.c +++ b/src/nvim/os/stdpaths.c @@ -69,6 +69,19 @@ const char *get_appname(void) return env_val; } +/// Ensure that APPNAME is valid. In particular, it cannot contain directory separators. +bool appname_is_valid(void) +{ + const char *appname = get_appname(); + const size_t appname_len = strlen(appname); + for (size_t i = 0; i < appname_len; i++) { + if (appname[i] == PATHSEP) { + return false; + } + } + return true; +} + /// Return XDG variable value /// /// @param[in] idx XDG variable to use. diff --git a/test/functional/options/defaults_spec.lua b/test/functional/options/defaults_spec.lua index 3690b7e97c..60edf219d9 100644 --- a/test/functional/options/defaults_spec.lua +++ b/test/functional/options/defaults_spec.lua @@ -14,6 +14,7 @@ local ok = helpers.ok local funcs = helpers.funcs local insert = helpers.insert local neq = helpers.neq +local nvim_prog = helpers.nvim_prog local mkdir = helpers.mkdir local rmdir = helpers.rmdir local alter_slashes = helpers.alter_slashes @@ -603,6 +604,10 @@ describe('stdpath()', function() eq(appname, funcs.fnamemodify(funcs.stdpath('data_dirs')[1], ':t')) end assert_alive() -- Check for crash. #8393 + + -- Check that nvim rejects invalid APPNAMEs + local child = funcs.jobstart({ nvim_prog }, {env={NVIM_APPNAME='a/b\\c'}}) + eq(1, funcs.jobwait({child}, 3000)[1]) end) context('returns a String', function()