[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#28350: enriched.el code execution
|
From: |
Glenn Morris |
|
Subject: |
bug#28350: enriched.el code execution |
|
Date: |
Mon, 11 Sep 2017 12:32:38 -0400 |
|
User-agent: |
Gnus (www.gnus.org), GNU Emacs (www.gnu.org/software/emacs/) |
Eli Zaretskii wrote:
>> At this point it seems that unsafe display specs are more the
>> exception than the rule, so it might make sense to define the
>> `enriched-display-prop-safe-p' function by excluding the unsafe
>> specifications instead of including the safe ones. What do you
>> think?
>
> I'm not sure. The display spec can be complex, so to make sure none
> of these exceptions sneak through, you will have to recursively unpack
> the spec data structure and examine each of the elements, which smells
> too similar to emulating 'eval'. No?
FWIW, there is 'unsafep'.
- bug#28350: enriched.el code execution, Charles A. Roelli, 2017/09/04
- bug#28350: enriched.el code execution, Charles A. Roelli, 2017/09/06
- bug#28350: enriched.el code execution, Eli Zaretskii, 2017/09/06
- bug#28350: enriched.el code execution, Charles A. Roelli, 2017/09/09
- bug#28350: enriched.el code execution, Eli Zaretskii, 2017/09/09
- bug#28350: enriched.el code execution, Charles A. Roelli, 2017/09/09
- bug#28350: enriched.el code execution, Eli Zaretskii, 2017/09/09
- bug#28350: enriched.el code execution, Charles A. Roelli, 2017/09/09
- bug#28350: enriched.el code execution, Eli Zaretskii, 2017/09/10
- bug#28350: enriched.el code execution,
Glenn Morris <=
- bug#28350: enriched.el code execution, Eli Zaretskii, 2017/09/11
bug#28350: enriched.el code execution, Paul Eggert, 2017/09/09
bug#28350: enriched.el code execution, Eli Zaretskii, 2017/09/11
bug#28350: enriched.el code execution, Charles A. Roelli, 2017/09/11
bug#28350: enriched.el code execution, Eli Zaretskii, 2017/09/11
bug#28350: enriched.el code execution, Eli Zaretskii, 2017/09/16