GNU bug report logs - #50136
28.0.50; A problem with rx-let expansion

Previous Next

Package: emacs;

Reported by: Michael Heerdegen <michael_heerdegen <at> web.de>

Date: Fri, 20 Aug 2021 14:01:01 UTC

Severity: normal

Found in version 28.0.50

Done: Mattias EngdegÄrd <mattiase <at> acm.org>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Richard Stallman <rms <at> gnu.org>
To: Michael Heerdegen <michael_heerdegen <at> web.de>
Cc: mattiase <at> acm.org, 50136 <at> debbugs.gnu.org, monnier <at> iro.umontreal.ca, rms <at> gnu.org
Subject: bug#50136: 28.0.50; A problem with rx-let expansion
Date: Fri, 20 Aug 2021 23:21:00 -0400

[[[ To any NSA and FBI agents reading my email: please consider    ]]]
[[[ whether defending the US Constitution against all enemies,     ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]

  > > Actually it's the rx `eval` form that you are looking for if you want
  > > arbitrary compile-time computation. `regexp` and `literal` are
  > > explicitly made for run-time expressions.

If there are variables which can hold an rx expression, we need to make
them as unsafe file variable bindings.  Or else have special code
to study them and see if evaluation constructs are used.

Has this been done?

Are these constructs an insecurity?

-- 
Dr Richard Stallman (https://stallman.org)
Chief GNUisance of the GNU Project (https://gnu.org)
Founder, Free Software Foundation (https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)
This bug report was last modified 3 years and 273 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.