File vim-7.1.314-CVE-2009-0316-debian.patch of Package vim

Index: vim74/src/if_python.c
===================================================================
--- vim74.orig/src/if_python.c
+++ vim74/src/if_python.c
@@ -806,6 +806,7 @@ py_memsave(void *p, size_t len)
  */
 
 static int PythonMod_Init(void);
+static void Python_FixPath(void);
 
 
 /******************************************************
@@ -933,6 +934,11 @@ Python_Init(void)
 	 * the current directory in sys.path. */
 	PyRun_SimpleString("import sys; sys.path = filter(lambda x: x != '/must>not&exist', sys.path)");
 
+    /* Remove empty elements from sys.path since that causes the PWD to be
+     * used for imports, possibly masking system libraries and/or running
+     * arbitrary code. */
+    Python_FixPath();
+
 	/* lock is created and acquired in PyEval_InitThreads() and thread
 	 * state is created in Py_Initialize()
 	 * there _PyGILState_NoteThreadState() also sets gilcounter to 1
@@ -1417,6 +1423,28 @@ PythonMod_Init(void)
     return 0;
 }
 
+    static void
+Python_FixPath(void)
+{
+	PyObject *sys = PyImport_ImportModule("sys");
+	PyObject *sysdict = PyModule_GetDict(sys);
+	PyObject *path = PyDict_GetItemString(sysdict, "path");
+	PyObject *newpath = PyList_New(0);
+	if (newpath != NULL) {
+	    Py_INCREF(newpath);
+	    PyInt n = PyList_Size(path);
+	    PyInt i;
+	    for (i = 0; i < n; i++) {
+		PyObject *item = PyList_GetItem(path, i);
+		if (strlen(PyString_AsString(item)) != 0) {
+		    PyList_Append(newpath, PyList_GetItem(path, i));
+		}
+	    }
+	    PyDict_SetItemString(sysdict, "path", newpath);
+	    Py_DECREF(newpath);
+	}
+}
+
 /*************************************************************************
  * 4. Utility functions for handling the interface between Vim and Python.
  */