GNU bug report logs - #77341
[PATCH] ; (find-function-search-for-symbol): Be cautious with macros.

Previous Next

Package: emacs;

Reported by: Eshel Yaron <me <at> eshelyaron.com>

Date: Fri, 28 Mar 2025 17:29:02 UTC

Severity: normal

Tags: patch

Fixed in version 31.1

Done: Eshel Yaron <me <at> eshelyaron.com>

Bug is archived. No further changes may be made.

Full log

Message #8 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Daniel Colascione <dancol <at> dancol.org>
To: Eshel Yaron <me <at> eshelyaron.com>,
 "Eshel Yaron via Bug reports for GNU Emacs,
 the Swiss army knife of text editors" <bug-gnu-emacs <at> gnu.org>, 
 77341 <at> debbugs.gnu.org
Subject: Re: bug#77341: [PATCH] ; (find-function-search-for-symbol): Be cautious with macros.
Date: Fri, 28 Mar 2025 15:43:35 -0400

On March 28, 2025 1:28:06 PM EDT, "Eshel Yaron via Bug reports for GNU Emacs, the Swiss army knife of text editors" <bug-gnu-emacs <at> gnu.org> wrote:
>Tags: patch
>
>Hi,
>
>find-function may expand Lisp macros in a source file when it fails to
>find a definition otherwise.  This patch restricts this fallback to
>trusted buffers only, to protect against possibly harmful macros.

I get not wanting to execute code from random files I'm just visiting, but if I've already actually evaluated a macro function and installed it in my Emacs function namespace as something I can call, is it all that dangerous to call it? Instead of a blanket prohibition on macro expansion, I'd rather have macros declare that they're safe to run on untrusted inputs, which means mostly they don't eval their arguments.

This bug report was last modified 41 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #77341 [PATCH] ; (find-function-search-for-symbol): Be cautious with macros.

GNU bug report logs - #77341
[PATCH] ; (find-function-search-for-symbol): Be cautious with macros.