diff options
| author | Mattias EngdegÄrd <mattiase@acm.org> | 2020-10-31 11:35:06 +0100 |
|---|---|---|
| committer | Mattias EngdegÄrd <mattiase@acm.org> | 2020-10-31 13:42:07 +0100 |
| commit | c3a20804a81826ec091a4a096c1987a61e412580 (patch) | |
| tree | 0cf4216fe7bd30a49ec1efc2660c91869cf16c38 /test/lisp/emacs-lisp/unsafep-tests.el | |
| parent | a78c6141bc1a34622894af3cee45f350e3b629ac (diff) | |
| download | emacs-c3a20804a81826ec091a4a096c1987a61e412580.tar.gz emacs-c3a20804a81826ec091a4a096c1987a61e412580.tar.bz2 emacs-c3a20804a81826ec091a4a096c1987a61e412580.zip | |
Trim and explain set of safe forms for 'unsafep' (bug#44018)
* lisp/emacs-lisp/unsafep.el:
Add comment explaining the policy for which forms can be considered
'safe' in the sense of unsafep. Remove ones that didn't make the cut:
play-sound-file (large attack surface)
catch, throw (alter program flow, inject data)
replace-regexp-in-string (execute arbitary code)
error, signal (deceptive messages)
* test/lisp/emacs-lisp/unsafep-tests.el (unsafep-tests--unsafe):
Add test cases.
* etc/NEWS: Announce the change.
Diffstat (limited to 'test/lisp/emacs-lisp/unsafep-tests.el')
| -rw-r--r-- | test/lisp/emacs-lisp/unsafep-tests.el | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/test/lisp/emacs-lisp/unsafep-tests.el b/test/lisp/emacs-lisp/unsafep-tests.el index dde0e0201d9..06c40d28ca9 100644 --- a/test/lisp/emacs-lisp/unsafep-tests.el +++ b/test/lisp/emacs-lisp/unsafep-tests.el @@ -105,6 +105,18 @@ . (variable (x))) ( (let (1) 2) . (variable 1)) + ( (error "asdf") + . #'error) + ( (signal 'error "asdf") + . #'signal) + ( (throw 'asdf) + . #'throw) + ( (catch 'asdf 17) + . #'catch) + ( (play-sound-file "asdf") + . #'play-sound-file) + ( (replace-regexp-in-string "a" "b") + . #'replace-regexp-in-string) ) "A-list of (FORM . REASON)... that `unsafep' should decide are unsafe.") |