runtime(netrw): use fnameescape() with FileUrlEdit()

Signed-off-by: Christian Brabandt <cb@256bit.org>
author: Christian Brabandt <cb@256bit.org> 2026-04-01 14:28:53 +0000
committer: Christian Brabandt <cb@256bit.org> 2026-04-01 14:47:16 +0000
commit: 3e60f03d942d6bb0f7eac61b149e83615518cec0 (patch)
tree: f5d63f7b46efbfd54ec6b9e63758d9b528a3be0c /src
parent: 2c976d0de48db4ee56769669edbc8875564d3453 (diff)
download: Project-Tick-3e60f03d942d6bb0f7eac61b149e83615518cec0.tar.gz
Project-Tick-3e60f03d942d6bb0f7eac61b149e83615518cec0.zip
1 files changed, 8 insertions, 0 deletions
diff --git a/src/testdir/test_plugin_netrw.vim b/src/testdir/test_plugin_netrw.vim
index ced6284197..478908824b 100644
--- a/src/testdir/test_plugin_netrw.vim
+++ b/src/testdir/test_plugin_netrw.vim
@@ -595,4 +595,12 @@ func Test_netrw_hostname()
   endfor
 endfunc
 
+func Test_netrw_FileUrlEdit_pipe_injection()
+  CheckExecutable id
+  let fname = 'Xtestfile'
+  let url = 'file:///tmp/file.md%7C!id>'..fname
+  sil call netrw#FileUrlEdit(url)
+  call assert_false(filereadable(fname), 'Command injection via pipe in file URL')
+endfunc
+
 " vim:ts=8 sts=2 sw=2 et
author	Christian Brabandt <cb@256bit.org>	2026-04-01 14:28:53 +0000
committer	Christian Brabandt <cb@256bit.org>	2026-04-01 14:47:16 +0000
commit	3e60f03d942d6bb0f7eac61b149e83615518cec0 (patch)
tree	f5d63f7b46efbfd54ec6b9e63758d9b528a3be0c /src
parent	2c976d0de48db4ee56769669edbc8875564d3453 (diff)
download	Project-Tick-3e60f03d942d6bb0f7eac61b149e83615518cec0.tar.gz Project-Tick-3e60f03d942d6bb0f7eac61b149e83615518cec0.zip