Don't consider play-sound-file to be a 'safe' function (bug#44018)

While there are currently no known security holes in play-sound-file, the attack surface is considerable and historically audio file processing has had more than its share of security problems; the benefit to risk ratio is low. * lisp/emacs-lisp/unsafep.el: Don't mark play-sound-file as safe.
author: Mattias Engdegård <mattiase@acm.org> 2020-10-26 12:40:51 +0100
committer: Mattias Engdegård <mattiase@acm.org> 2020-10-26 12:40:51 +0100
commit: cdb3c9d662c772ce25ea4d803eccd2c9e6a6ae99 (patch)
tree: 83eba19fc110680f0c5cc0cedc963256a65c2014 /lisp/emacs-lisp/unsafep.el
parent: a98bb620c4b4f483694239067b258242c5c7316e (diff)
download: emacs-cdb3c9d662c772ce25ea4d803eccd2c9e6a6ae99.tar.gz
emacs-cdb3c9d662c772ce25ea4d803eccd2c9e6a6ae99.tar.bz2
emacs-cdb3c9d662c772ce25ea4d803eccd2c9e6a6ae99.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/lisp/emacs-lisp/unsafep.el b/lisp/emacs-lisp/unsafep.el
index e7077140e54..96db5c71939 100644
--- a/lisp/emacs-lisp/unsafep.el
+++ b/lisp/emacs-lisp/unsafep.el
@@ -101,7 +101,7 @@ in the parse.")
 	     ;;Macros from subr.el
 	     save-match-data unless when
 	     ;;Functions from subr.el that have side effects
-	     split-string replace-regexp-in-string play-sound-file))
+	     split-string replace-regexp-in-string))
   (put x 'safe-function t))
 
 ;;;###autoload
author	Mattias Engdegård <mattiase@acm.org>	2020-10-26 12:40:51 +0100
committer	Mattias Engdegård <mattiase@acm.org>	2020-10-26 12:40:51 +0100
commit	cdb3c9d662c772ce25ea4d803eccd2c9e6a6ae99 (patch)
tree	83eba19fc110680f0c5cc0cedc963256a65c2014 /lisp/emacs-lisp/unsafep.el
parent	a98bb620c4b4f483694239067b258242c5c7316e (diff)
download	emacs-cdb3c9d662c772ce25ea4d803eccd2c9e6a6ae99.tar.gz emacs-cdb3c9d662c772ce25ea4d803eccd2c9e6a6ae99.tar.bz2 emacs-cdb3c9d662c772ce25ea4d803eccd2c9e6a6ae99.zip