GNU bug report logs - #16029
24.3.50; epa-file.el: decrypted contents get inserted into the wrong buffer


Package: emacs;

Reported by: Attila Lendvai <attila.lendvai <at> gmail.com>

Date: Mon, 2 Dec 2013 16:52:02 UTC

Severity: normal

Found in version 24.3.50

Done: Stefan Monnier <monnier <at> iro.umontreal.ca>

Bug is archived. No further changes may be made.


Report forwarded to bug-gnu-emacs <at> gnu.org:
bug#16029; Package emacs. (Mon, 02 Dec 2013 16:52:02 GMT)

Acknowledgement sent to Attila Lendvai <attila.lendvai <at> gmail.com>:
New bug report received and forwarded. Copy sent to bug-gnu-emacs <at> gnu.org. (Mon, 02 Dec 2013 16:52:02 GMT)

Message #5 received at submit <at> debbugs.gnu.org:

From: Attila Lendvai <attila.lendvai <at> gmail.com>
To: bug-gnu-emacs <at> gnu.org
Subject: 24.3.50; epa-file.el: decrypted contents get inserted into the wrong buffer
Date: Mon, 02 Dec 2013 22:26:04 +0600

hi,

it's a race condition while opening a file using epa-file.el to decrypt
its contents on the fly, and something else closing the buffer.

i have a timed function that auto-closes *.gpg buffers after a given
time of inactivity:

http://dwim.hu/darcsweb/darcsweb.cgi?r=HEAD%20hu.dwim.environment;a=headblob;f=/user/attila.lendvai/init.el#l72

the following simplified version can be used to reproduce the issue:

(defun %kill-gpg-buffers ()
  ;; automatically delete *.gpg buffers
  ;; copy-sequence (built in) replaces copy-list, which needs the cl library
  (dolist (buffer (copy-sequence (buffer-list)))
    (with-current-buffer buffer
      ;; "\\." matches a literal dot and "\\'" anchors at the end of the name
      (when (and (string-match "\\.gpg\\'" (buffer-name))
                 ;; a sloppy workaround: (> (buffer-size) 0)
                 )
        (message "Auto-killing .gpg buffer '%s'" (buffer-name buffer))
        (kill-buffer buffer)))))

(run-with-timer 0.1 0.1 '%kill-gpg-buffers)
;; (cancel-function-timers '%kill-gpg-buffers)

note that gpg-agent can introduce a long delay when asking the user for
the key password, which significantly raises the probability of
triggering this (i managed to save decrypted content into files where i
shouldn't have).

a possible fix is to add a check to the right place that ensures that
the current-buffer has not changed. i've experimented with this and that
in epa-file-insert-file-contents, but my emacs background knowledge is
too limited to efficiently deal with this security hole.

if it'll be rejected as a wontfix, then please advise how to implement
the autoclosing feature.

thank you for your time,

-- 
• attila lendvai
• PGP: 963F 5D5F 45C7 DFCD 0A39
--
“Once the fabric of a just society is undone, it takes generations to weave it back together.”
	— Deepak Chopra




In GNU Emacs 24.3.50.1 (x86_64-pc-linux-gnu, GTK+ Version 3.4.2)
 of 2013-04-20 on dex, modified by Debian
 (emacs-snapshot package, version 2:20130420-1)
Windowing system distributor `The X.Org Foundation', version 11.0.11204000
System Description:	Debian GNU/Linux 7.2 (wheezy)

Configured using:
 `configure --build x86_64-linux-gnu --host x86_64-linux-gnu
 --prefix=/usr --sharedstatedir=/var/lib --libexecdir=/usr/lib
 --localstatedir=/var --infodir=/usr/share/info --mandir=/usr/share/man
 --with-pop=yes
 --enable-locallisppath=/etc/emacs-snapshot:/etc/emacs:/usr/local/share/emacs/24.3.50/site-lisp:/usr/local/share/emacs/site-lisp:/usr/share/emacs/24.3.50/site-lisp:/usr/share/emacs/site-lisp
 --without-compress-info --with-crt-dir=/usr/lib/x86_64-linux-gnu/
 --with-x=yes --with-x-toolkit=gtk3 --with-imagemagick=yes
 CFLAGS='-DDEBIAN -DSITELOAD_PURESIZE_EXTRA=5000 -g -O2'
 CPPFLAGS='-D_FORTIFY_SOURCE=2' LDFLAGS='-g -Wl,--as-needed
 -znocombreloc''

Important settings:
  value of $LANG: en_US.utf8
  locale-coding-system: utf-8-unix
  default enable-multibyte-characters: t

Major mode: Lisp

Minor modes in effect:
  eldoc-mode: t
  nxhtml-menu-mode: t
  nxhtml-tag-do-also: t
  popcmp-group-alternatives: t
  popcmp-short-help-beside-alts: t
  mlinks-active-links: t
  rngalt-minimal-validation-header: t
  rngalt-display-validation-header: t
  global-edit-server-edit-mode: t
  delete-selection-mode: t
  ido-everywhere: t
  show-paren-mode: t
  slime-mode: t
  global-whitespace-mode: t
  shell-dirtrack-mode: t
  tooltip-mode: t
  mouse-wheel-mode: t
  menu-bar-mode: t
  file-name-shadow-mode: t
  global-font-lock-mode: t
  font-lock-mode: t
  auto-composition-mode: t
  auto-encryption-mode: t
  auto-compression-mode: t
  column-number-mode: t
  line-number-mode: t
  transient-mark-mode: t

Recent input:

Recent messages:
Mark set
Saving file /home/alendvai/.emacs.d/init.el...
Wrote /home/alendvai/.emacs.d/init.el
Decrypting /home/alendvai/notes/accounts.txt.gpg...done
Auto-killing .gpg buffer 'accounts.txt.gpg'
scroll-down-command: Beginning of buffer [17 times]
Auto-saving...done
call-interactively: Text is read-only
delete-backward-char: Text is read-only
call-interactively: End of buffer [12 times]

Load-path shadows:
/home/alendvai/workspace/hu.dwim.environment/emacs/htmlize hides /usr/share/emacs-snapshot/site-lisp/emacs-goodies-el/htmlize
/usr/share/emacs/24.3.50/site-lisp/debian-startup hides /usr/share/emacs/site-lisp/debian-startup
/usr/share/emacs/24.3.50/site-lisp/cmake-data/cmake-mode hides /usr/share/emacs/site-lisp/cmake-mode
/home/alendvai/workspace/hu.dwim.environment/emacs/nxhtml/tests/ert hides /usr/share/emacs/24.3.50/lisp/emacs-lisp/ert

Features:




Reply sent to Stefan Monnier <monnier <at> iro.umontreal.ca>:
You have taken responsibility. (Mon, 02 Dec 2013 18:57:02 GMT)

Notification sent to Attila Lendvai <attila.lendvai <at> gmail.com>:
bug acknowledged by developer. (Mon, 02 Dec 2013 18:57:03 GMT)

Message #10 received at 16029-done <at> debbugs.gnu.org:

From: Stefan Monnier <monnier <at> iro.umontreal.ca>
To: Attila Lendvai <attila.lendvai <at> gmail.com>
Cc: 16029-done <at> debbugs.gnu.org
Subject: Re: bug#16029: 24.3.50; epa-file.el: decrypted contents get inserted into the wrong buffer
Date: Mon, 02 Dec 2013 13:56:40 -0500

> it's a race condition while opening a file using epa-file.el to decrypt
> its contents on the fly, and something else closing the buffer.

Indeed, epg-decrypt-file runs filters and timers, so "anything can
happen".  I installed the patch below to try and address this problem,


        Stefan


=== modified file 'lisp/epa-file.el'
--- lisp/epa-file.el	2013-10-28 08:04:48 +0000
+++ lisp/epa-file.el	2013-12-02 18:51:23 +0000
@@ -132,6 +132,7 @@
 	    (error)))
 	 (local-file (or local-copy file))
 	 (context (epg-make-context))
+         (buf (current-buffer))
 	 string length entry)
     (if visit
 	(setq buffer-file-name file))
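
Review bot: the added `(buf (current-buffer))` binding is indented with spaces while the neighbouring bindings are tab-indented, so it will not line up under a different tab width; match the file's existing whitespace. The binding would also benefit from a short comment saying that it records the buffer the plaintext belongs to before the decryption call, since the reason is only given at the `set-buffer` in the later hunk.
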
@@ -157,9 +158,10 @@
 			 nil t))
 	     (signal 'file-error
 		     (cons "Opening input file" (cdr error)))))
-	  (make-local-variable 'epa-file-encrypt-to)
-	  (setq epa-file-encrypt-to
-		(mapcar #'car (epg-context-result-for context 'encrypted-to)))
+          (set-buffer buf) ;In case timer/filter changed/killed it (bug#16029)!
+	  (setq-local epa-file-encrypt-to
+                      (mapcar #'car (epg-context-result-for
+                                     context 'encrypted-to)))
 	  (if (or beg end)
 	      (setq string (substring string (or beg 0) end)))
 	  (save-excursion
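
Review bot: `(set-buffer buf)` handles a timer or filter that left a different buffer current, but for the killed case that the comment also names, `set-buffer` on a dead buffer signals an error about selecting a deleted buffer rather than restoring anything. That does keep the plaintext out of the wrong buffer, yet it happens implicitly; an explicit `(unless (buffer-live-p buf) ...)` just before the `set-buffer`, signalling a `file-error` that says the buffer was killed during decryption, would make the abort deliberate and the message clear to the user. The added lines are also space-indented where the surrounding lines use tabs.
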





bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Tue, 31 Dec 2013 12:24:03 GMT)
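
The race described in the report and the guard discussed in the reply, as an added example that is not code from epa-file.el or from either participant. my-fake-decrypt is a constructed stand-in for a decryption call during which a timer fires; all my-* names and the buffer names are hypothetical. It goes slightly beyond the installed patch by testing buffer-live-p explicitly before re-selecting the saved buffer.

```elisp
;; Added illustration, not code from epa-file.el.  All my-* names and the
;; buffer names are hypothetical; the "decryption" is a constructed stand-in.

(defun my-fake-decrypt (target bystander kill)
  "Stand-in for a decryption call during which a timer fires.
The timer leaves BYSTANDER current and, if KILL is non-nil, kills TARGET.
Killing the current buffer makes Emacs select some other buffer; that
buffer is pinned to BYSTANDER here so the outcome is reproducible."
  (set-buffer bystander)
  (when kill (kill-buffer target))
  "constructed plaintext")

(defun my-insert-decrypted (guard kill)
  "Simulate visiting an encrypted file; return (OUTCOME . BUFFER-NAME).
With GUARD nil the text is inserted into whatever buffer is current
after decryption.  With GUARD non-nil the buffer saved before the call
is re-selected first, and insertion is refused if it was killed."
  (let ((target (generate-new-buffer "accounts.txt.gpg"))
        (bystander (generate-new-buffer "bystander.txt")))
    (unwind-protect
        (save-current-buffer
          (set-buffer target)
          (let ((buf (current-buffer))  ; where the plaintext belongs
                (text (my-fake-decrypt target bystander kill)))
            (if (and guard (not (buffer-live-p buf)))
                ;; Destination is gone: drop the plaintext, insert nowhere.
                (cons 'refused nil)
              (when guard (set-buffer buf))
              (insert text)
              (cons (if (eq (current-buffer) buf) 'ok 'leaked)
                    (buffer-name (current-buffer))))))
      ;; Clean up both scratch buffers whatever happened above.
      (mapc (lambda (b) (when (buffer-live-p b) (kill-buffer b)))
            (list target bystander)))))

;; Run all four combinations, e.g. with: emacs --batch -l this-file.el
(dolist (args '((nil nil) (nil t) (t nil) (t t)))
  (message "guard=%S kill=%S -> %S" (car args) (cadr args)
           (apply #'my-insert-decrypted args)))
```
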

This bug report was last modified 11 years and 170 days ago.
