Security: clear defaults for config file names (cf. vim-syntastic#2170).

autoload/syntastic/c.vim

@@ -228,7 +228,7 @@ function! s:_get_cflags(ft, ck, opts) abort " {{{2
     endif
 
     " add optional config file parameters
-    let config_file = s:_get_checker_var('g', a:ft, a:ck, 'config_file', '.syntastic_' . a:ft . '_config')
+    let config_file = s:_get_checker_var('b', a:ft, a:ck, 'config_file', s:_get_checker_var('g', a:ft, a:ck, 'config_file', ''))
     let flags .= ' ' . syntastic#c#ReadConfig(config_file)
 
     if b_cflags ==# '' && (a:ft ==# 'c' || a:ft ==# 'cpp') && !s:_get_checker_var('g', a:ft, a:ck, 'no_include_search', 0)

doc/syntastic-checkers.txt

@@ -234,7 +234,7 @@ linter.
 
                                                *'g:syntastic_ada_config_file'*
 Type: string
-Default: ".syntastic_ada_config"
+Default: unset
 File containing additional compilation flags to be passed to the linter, one
 option per line (cf. |syntastic-config-files|).
 
@@ -453,7 +453,7 @@ assembler. Set it to something like "-mtune=native": >
 <
                                                *'g:syntastic_asm_config_file'*
 Type: string
-Default: ".syntastic_asm_config"
+Default: unset
 File containing additional compilation flags to be passed to the assembler,
 one option per line (see |syntastic-config-files|).
 
@@ -559,7 +559,7 @@ Additionally:
 
                                             *'g:syntastic_avrgcc_config_file'*
 Type: string
-Default: ".syntastic_avrgcc_config"
+Default: unset
 File containing compilation flags (such as defines or include directories),
 one option per line (cf. |syntastic-config-files|).
 
@@ -600,7 +600,7 @@ Additionally:
 
                                        *'g:syntastic_clang_check_config_file'*
 Type: string
-Default: ".syntastic_clang_check_config"
+Default: unset
 File containing compilation flags (such as defines or include directories),
 one option per line (cf. |syntastic-config-files|).
 
@@ -651,7 +651,7 @@ Additionally:
 
                                         *'g:syntastic_clang_tidy_config_file'*
 Type: string
-Default: ".syntastic_clang_tidy_config"
+Default: unset
 File containing compilation flags (such as defines or include directories),
 one option per line (cf. |syntastic-config-files|).
 
@@ -693,7 +693,7 @@ Additionally:
 
                                           *'g:syntastic_cppcheck_config_file'*
 Type: string
-Default: ".syntastic_cppcheck_config"
+Default: unset
 File containing compilation flags (such as defines or include directories),
 one option per line (cf. |syntastic-config-files|).
 
@@ -782,7 +782,7 @@ linter.
 
                                                  *'g:syntastic_c_config_file'*
 Type: string
-Default: ".syntastic_c_config"
+Default: unset
 File containing additional compilation flags to be passed to the linter, one
 option per line (cf. |syntastic-config-files|).
 
@@ -876,7 +876,7 @@ Additionally:
 
                                             'g:syntastic_oclint_config_file'
 Type: string
-Default: ".syntastic_oclint_config"
+Default: unset
 File containing compilation flags (such as defines or include directories),
 one option per line (cf. |syntastic-config-files|).
 
@@ -917,7 +917,7 @@ Additionally:
 
                                            *'g:syntastic_pc_lint_config_file'*
 Type: string
-Default: "options.lnt"
+Default: unset
 Name of an indirect (.lnt) file. A file with that name is looked up in the
 current directory and in parent directories; first such file found is used.
 
@@ -942,7 +942,7 @@ Additionally:
 
                                             *'g:syntastic_sparse_config_file'*
 Type: string
-Default: ".syntastic_sparse_config"
+Default: unset
 File containing compilation flags (such as defines or include directories),
 one option per line (cf. |syntastic-config-files|).
 
@@ -975,7 +975,7 @@ Additionally:
 
                                             *'g:syntastic_splint_config_file'*
 Type: string
-Default: ".syntastic_splint_config"
+Default: unset
 File containing project-specific options to be passed to "Splint"
 (such as defines or include directories), one option per line (cf.
 |syntastic-config-files|).
@@ -1035,7 +1035,7 @@ Additionally:
 
                                             'g:syntastic_avrgcc_config_file'
 Type: string
-Default: ".syntastic_avrgcc_config"
+Default: unset
 File containing compilation flags (such as defines or include directories),
 one option per line (cf. |syntastic-config-files|).
 
@@ -1062,7 +1062,7 @@ Additionally:
 
                                        'g:syntastic_clang_check_config_file'
 Type: string
-Default: ".syntastic_clang_check_config"
+Default: unset
 file containing compilation flags (such as defines or include directories),
 one option per line (cf. |syntastic-config-files|).
 
@@ -1113,7 +1113,7 @@ Additionally:
 
                                         'g:syntastic_clang_tidy_config_file'
 Type: string
-Default: ".syntastic_clang_tidy_config"
+Default: unset
 File containing compilation flags (such as defines or include directories),
 one option per line (cf. |syntastic-config-files|).
 
@@ -1155,7 +1155,7 @@ Additionally:
 
                                           'g:syntastic_cppcheck_config_file'
 Type: string
-Default: ".syntastic_cppcheck_config"
+Default: unset
 File containing compilation flags (such as defines or include directories),
 one option per line (cf. |syntastic-config-files|).
 
@@ -1280,7 +1280,7 @@ linter.
 
                                                *'g:syntastic_cpp_config_file'*
 Type: string
-Default: ".syntastic_cpp_config"
+Default: unset
 File containing additional compilation flags to be passed to the linter, one
 option per line (cf. |syntastic-config-files|).
 
@@ -1363,7 +1363,7 @@ Additionally:
 
                                             'g:syntastic_oclint_config_file'
 Type: string
-Default: ".syntastic_oclint_config"
+Default: unset
 File containing compilation flags (such as defines or include directories),
 one option per line (cf. |syntastic-config-files|).
 
@@ -1405,7 +1405,7 @@ Additionally:
 
                                            'g:syntastic_pc_lint_config_file'
 Type: string
-Default: "options.lnt"
+Default: unset
 Name of an indirect (.lnt) file. A file with that name is looked up in the
 current directory and in parent directories; first such file found is used.
 
@@ -1431,7 +1431,7 @@ Additionally:
 
                                             *'g:syntastic_verapp_config_file'*
 Type: string
-Default: ".syntastic_verapp_config"
+Default: unset
 File containing additional compilation flags to be passed to the linter, one
 option per line (cf. |syntastic-config-files|).
 
@@ -1562,7 +1562,7 @@ Compilation flags (such as "-std=cobol2002") to be passed to the linter.
 
                                              *'g:syntastic_cobol_config_file'*
 Type: string
-Default: ".syntastic_cobol_config"
+Default: unset
 File containing additional compilation flags to be passed to the linter, one
 option per line (cf. |syntastic-config-files|).
 
@@ -1905,7 +1905,7 @@ Example: >
 <
                                               *'g:syntastic_cuda_config_file'*
 Type: string
-Default: ".syntastic_cuda_config"
+Default: unset
 File containing additional compilation flags to be passed to the linter, one
 option per line (cf. |syntastic-config-files|).
 
@@ -1950,7 +1950,7 @@ linter.
 
                                                  *'g:syntastic_d_config_file'*
 Type: string
-Default: ".syntastic_d_config"
+Default: unset
 File containing additional compilation flags to be passed to the linter, one
 option per line (cf. |syntastic-config-files|).
 
@@ -2342,7 +2342,7 @@ Compilation flags (such as "-std=f95") to be passed to the linter.
 
                                            *'g:syntastic_fortran_config_file'*
 Type: string
-Default: ".syntastic_fortran_config"
+Default: unset
 File containing additional compilation flags to be passed to the linter, one
 option per line (cf. |syntastic-config-files|).
 
@@ -4349,7 +4349,7 @@ linter.
 
                                               *'g:syntastic_objc_config_file'*
 Type: string
-Default: ".syntastic_objc_config"
+Default: unset
 File containing additional compilation flags to be passed to the linter, one
 option per line (cf. |syntastic-config-files|).
 
@@ -4413,7 +4413,7 @@ Additionally:
 
                                             'g:syntastic_oclint_config_file'
 Type: string
-Default: ".syntastic_oclint_config"
+Default: unset
 File containing compilation flags (such as defines or include directories),
 one option per line (cf. |syntastic-config-files|).
 
@@ -4460,7 +4460,7 @@ linter.
 
                                             *'g:syntastic_objcpp_config_file'*
 Type: string
-Default: ".syntastic_objcpp_config"
+Default: unset
 File containing additional compilation flags to be passed to the linter, one
 option per line (cf. |syntastic-config-files|).
 
@@ -4524,7 +4524,7 @@ Additionally:
 
                                             'g:syntastic_oclint_config_file'
 Type: string
-Default: ".syntastic_oclint_config"
+Default: unset
 File containing compilation flags (such as defines or include directories),
 one option per line (cf. |syntastic-config-files|).
 
@@ -7030,7 +7030,7 @@ linter.
 
                                            *'g:syntastic_verilog_config_file'*
 Type: string
-Default: ".syntastic_verilog_config"
+Default: unset
 File containing additional compilation flags to be passed to the linter, one
 option per line (cf. |syntastic-config-files|).
 

plugin/syntastic.vim

@@ -19,7 +19,7 @@ if has('reltime')
     lockvar! g:_SYNTASTIC_START
 endif
 
-let g:_SYNTASTIC_VERSION = '3.8.0-110'
+let g:_SYNTASTIC_VERSION = '3.8.0-113'
 lockvar g:_SYNTASTIC_VERSION
 
 " Sanity checks {{{1

syntax_checkers/c/avrgcc.vim

@@ -15,18 +15,16 @@ if exists('g:loaded_syntastic_c_avrgcc_checker')
 endif
 let g:loaded_syntastic_c_avrgcc_checker = 1
 
-if !exists('g:syntastic_avrgcc_config_file')
-    let g:syntastic_avrgcc_config_file = '.syntastic_avrgcc_config'
-endif
-
 let s:save_cpo = &cpo
 set cpo&vim
 
 let s:opt_x = { 'c': 'c', 'cpp': 'c++' }
 
 function! SyntaxCheckers_c_avrgcc_GetLocList() dict
+    let buf = bufnr('')
+
     let makeprg = self.makeprgBuild({
-        \ 'args_before': syntastic#c#ReadConfig(g:syntastic_avrgcc_config_file),
+        \ 'args_before': syntastic#c#ReadConfig(syntastic#util#bufVar(buf, 'avrgcc_config_file')),
         \ 'args_after': '-x ' . get(s:opt_x, self.getFiletype(), '')  . ' -fsyntax-only' })
 
     let errorformat =

syntax_checkers/c/clang_check.vim

@@ -14,10 +14,6 @@ if exists('g:loaded_syntastic_c_clang_check_checker')
 endif
 let g:loaded_syntastic_c_clang_check_checker = 1
 
-if !exists('g:syntastic_clang_check_config_file')
-    let g:syntastic_clang_check_config_file = '.syntastic_clang_check_config'
-endif
-
 if !exists('g:syntastic_c_clang_check_sort')
     let g:syntastic_c_clang_check_sort = 1
 endif
@@ -26,10 +22,12 @@ let s:save_cpo = &cpo
 set cpo&vim
 
 function! SyntaxCheckers_c_clang_check_GetLocList() dict
+    let buf = bufnr('')
+
     let makeprg = self.makeprgBuild({
         \ 'post_args':
         \   '-- ' .
-        \   syntastic#c#ReadConfig(g:syntastic_clang_check_config_file) . ' ' .
+        \   syntastic#c#ReadConfig(syntastic#util#bufVar(buf, 'clang_check_config_file')) . ' ' .
         \   '-fshow-column ' .
         \   '-fshow-source-location ' .
         \   '-fno-caret-diagnostics ' .

syntax_checkers/c/clang_tidy.vim

@@ -14,10 +14,6 @@ if exists('g:loaded_syntastic_c_clang_tidy_checker')
 endif
 let g:loaded_syntastic_c_clang_tidy_checker = 1
 
-if !exists('g:syntastic_clang_tidy_config_file')
-    let g:syntastic_clang_tidy_config_file = '.syntastic_clang_tidy_config'
-endif
-
 if !exists('g:syntastic_c_clang_tidy_sort')
     let g:syntastic_c_clang_tidy_sort = 1
 endif
@@ -26,10 +22,12 @@ let s:save_cpo = &cpo
 set cpo&vim
 
 function! SyntaxCheckers_c_clang_tidy_GetLocList() dict
+    let buf = bufnr('')
+
     let makeprg = self.makeprgBuild({
         \ 'post_args':
         \   '-- ' .
-        \   syntastic#c#ReadConfig(g:syntastic_clang_tidy_config_file) . ' ' .
+        \   syntastic#c#ReadConfig(syntastic#util#bufVar(buf, 'clang_tidy_config_file')) . ' ' .
         \   '-fshow-column ' .
         \   '-fshow-source-location ' .
         \   '-fno-caret-diagnostics ' .

syntax_checkers/c/cppcheck.vim

@@ -14,16 +14,14 @@ if exists('g:loaded_syntastic_c_cppcheck_checker')
 endif
 let g:loaded_syntastic_c_cppcheck_checker = 1
 
-if !exists('g:syntastic_cppcheck_config_file')
-    let g:syntastic_cppcheck_config_file = '.syntastic_cppcheck_config'
-endif
-
 let s:save_cpo = &cpo
 set cpo&vim
 
 function! SyntaxCheckers_c_cppcheck_GetLocList() dict
+    let buf = bufnr('')
+
     let makeprg = self.makeprgBuild({
-        \ 'args': syntastic#c#ReadConfig(g:syntastic_cppcheck_config_file),
+        \ 'args': syntastic#c#ReadConfig(syntastic#util#bufVar(buf, 'cppcheck_config_file')),
         \ 'args_after': '-q --enable=style' })
 
     let errorformat =

syntax_checkers/c/oclint.vim

@@ -14,10 +14,6 @@ if exists('g:loaded_syntastic_c_oclint_checker')
 endif
 let g:loaded_syntastic_c_oclint_checker = 1
 
-if !exists('g:syntastic_oclint_config_file')
-    let g:syntastic_oclint_config_file = '.syntastic_oclint_config'
-endif
-
 if !exists('g:syntastic_c_oclint_sort')
     let g:syntastic_c_oclint_sort = 1
 endif
@@ -26,8 +22,10 @@ let s:save_cpo = &cpo
 set cpo&vim
 
 function! SyntaxCheckers_c_oclint_GetLocList() dict
+    let buf = bufnr('')
+
     let makeprg = self.makeprgBuild({
-        \ 'post_args': '-- -c ' . syntastic#c#ReadConfig(g:syntastic_oclint_config_file) })
+        \ 'post_args': '-- -c ' . syntastic#c#ReadConfig(syntastic#util#bufVar(buf, 'oclint_config_file') })
 
     let errorformat =
         \ '%E%f:%l:%c: fatal error: %m,' .

syntax_checkers/c/pc_lint.vim

@@ -18,13 +18,9 @@ let g:loaded_syntastic_c_pc_lint_checker = 1
 let s:save_cpo = &cpo
 set cpo&vim
 
-if !exists('g:syntastic_pc_lint_config_file')
-    let g:syntastic_pc_lint_config_file = 'options.lnt'
-endif
-
 function! SyntaxCheckers_c_pc_lint_GetLocList() dict
     let buf = bufnr('')
-    let config = syntastic#util#findFileInParent(g:syntastic_pc_lint_config_file, fnamemodify(bufname(buf), ':p:h'))
+    let config = syntastic#util#findFileInParent(syntastic#util#bufVar(buf, 'pc_lint_config_file'), fnamemodify(bufname(buf), ':p:h'))
     call self.log('config =', config)
 
     " -hFs1         - show filename, add space after messages, try to make message 1 line