GNU bug report logs - #37656
27.0.50; Arbitrary code execution with special `mode:'

Package: emacs;

Reported by: adam plaice <plaice.adam+lists <at> gmail.com>

Date: Tue, 8 Oct 2019 08:49:02 UTC

Severity: normal

Tags: security

Found in version 27.0.50

Fixed in version 30.1

Done: Stefan Kangas <stefankangas <at> gmail.com>

Bug is archived. No further changes may be made.


Message #47 received at 37656 <at> debbugs.gnu.org (full text, mbox):

From: Phil Sainty <psainty <at> orcon.net.nz>
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: stefan <at> marxist.se, 37656 <at> debbugs.gnu.org,
 Adam Plaice <plaiceadam <at> gmail.com>
Subject: Re: bug#37656: 27.0.50; Arbitrary code execution with special `mode:'
Date: Thu, 17 Oct 2019 08:09:04 +1300

> > -*- mode: emacs-lisp; mode: flymake -*-
> > This relies on the "deprecated" feature of allowing `mode: '
> > to be repeated more than once, to also specify minor modes.
> > Just having: -*- mode: flymake -*- [...] would not trigger
> > the security bug.


On 17/10/19 6:09 AM, Eli Zaretskii wrote:
> I don't think that removing the feature will solve the more
> general problem in this bug report.


In particular it seems there is no point in removing the deprecated
method of calling a minor mode using local variables because, after
testing, the *approved* method of calling a minor mode via local
variables causes the same behaviour.  i.e.:

-*- mode: emacs-lisp; eval:(flymake-mode 1); -*-


So the deprecated approach isn't actually a factor here.


-Phil
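
The two first-line cookies compared in this message can be recognised before a file is ever opened in Emacs. The Python sketch below is an added example, not code from this thread or from Emacs; its function names are hypothetical, and it assumes only the first-line `-*-` cookie is inspected (no trailing `Local Variables:` block, no file-extension check).

```python
import re

# First-line cookie: -*- var: value; var: value -*-
COOKIE = re.compile(r"-\*-(.*?)-\*-")
# An eval: value that is just a mode call, e.g. (flymake-mode 1)
MODE_CALL = re.compile(r"^\(\s*([A-Za-z0-9-]+-mode)\b[^()]*\)$")

def cookie_entries(text):
    """(name, value) pairs from the cookie; line 2 is read only after a shebang."""
    lines = text.splitlines()[:2]
    if lines and not lines[0].startswith("#!"):
        lines = lines[:1]
    for line in lines:
        m = COOKIE.search(line)
        if m:
            pairs = []
            # Simplification: values containing ';' are not handled.
            for item in m.group(1).split(";"):
                name, sep, value = item.partition(":")
                if sep:
                    pairs.append((name.strip().lower(), value.strip()))
            return pairs
    return []

def mode_activations(text):
    """(route, mode) for each mode requested via `mode:` or `eval:(X-mode ...)`."""
    found = []
    for name, value in cookie_entries(text):
        if name == "mode":
            found.append(("mode", value.lower()))
        elif name == "eval":
            m = MODE_CALL.match(value)
            if m:
                found.append(("eval", m.group(1).lower()[:-len("-mode")]))
    return found

def flags_flymake_on_elisp(text):
    """True when the cookie combines emacs-lisp with flymake by either route."""
    names = {mode for _, mode in mode_activations(text)}
    return {"emacs-lisp", "flymake"} <= names

if __name__ == "__main__":
    # Constructed samples: the two cookies quoted in the message, plus a lone one.
    for sample in (";; -*- mode: emacs-lisp; mode: flymake -*-",
                   ";; -*- mode: emacs-lisp; eval:(flymake-mode 1); -*-",
                   ";; -*- mode: flymake -*-"):
        print(flags_flymake_on_elisp(sample), mode_activations(sample))
```

Both routes are reported so that a triage rule keyed only on a repeated `mode:` does not miss the `eval:` form.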





This bug report was last modified 126 days ago.
