emmet-vim/autoload/emmet/util.vim at fbb61e7ef297ef6114b68281c19f3767a5a959ce

mirror of https://github.com/mattn/emmet-vim.git synced 2026-03-08 06:16:45 +08:00

Files

Yasuhiro Matsumoto fbb61e7ef2 Use shellescape() for external commands to prevent command injection

File paths passed to system() via xxd and identify were using manual
double-quote wrapping instead of shellescape(), which could allow
command injection with specially crafted filenames.

2026-03-07 16:45:56 +09:00

13 KiB

Raw Blame History

View Raw

13 KiB Raw Blame History

13 KiB

Raw Blame History