Commit b3fd6831 authored by Paul Eggert's avatar Paul Eggert

Merge Emacs 25.3 fixes

The security patches released for Emacs 25.3 were less drastic
than what we had immediately put into master.  Adjust master to
match 25.3 (Bug#28350).
* lisp/textmodes/enriched.el (enriched-translations):
Re-enable FUNCTION and display translations that are safe.
(enriched-handle-display-prop): Bring back.
(enriched-decode-display-prop): Bring back, but disable
the unsafe part.
parent 35c893dd
2017-09-11 Eli Zaretskii <eliz@gnu.org>
* etc/NEWS: Document the vulnerability and its resolution.
Include a workaround. Suggested by Charles A. Roelli
<charles@aurox.ch>.
* lisp/gnus/mm-view.el (mm-inline-text): Disable decoding of
"enriched" and "richtext" MIME objects. Suggested by Lars
Ingebrigtsen <larsi@gnus.org>.
* lisp/textmodes/enriched.el (enriched-decode-display-prop):
Don't produce 'display' properties. (Bug#28350)
2017-04-20 Nicolas Petton <nicolas@petton.fr>
* Version 25.2 released.
......@@ -211,6 +211,8 @@ GNU Emacs 25.1 (2016-09-16) emacs-25.1
GNU Emacs 25.2 (2017-04-20) emacs-25.2
GNU Emacs 25.3 (2017-09-11) emacs-25.3
----------------------------------------------------------------------
This file is part of GNU Emacs.
......
......@@ -362,6 +362,12 @@
(goto-char (point-max))))
(save-restriction
(narrow-to-region b (point))
;; Disabled in Emacs 25.3 to avoid execution of arbitrary Lisp
;; forms in display properties supported by enriched.el.
;; (when (member type '("enriched" "richtext"))
;; (set-text-properties (point-min) (point-max) nil)
;; (ignore-errors
;; (enriched-decode (point-min) (point-max))))
(mm-handle-set-undisplayer
handle
`(lambda ()
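Review bot: The six added lines keep the old `enriched-decode` call as commented-out code, and the comment above it says only that it was disabled in 25.3, not what must hold before it can be restored. The ChangeLog entry says this code decodes "enriched" and "richtext" MIME objects, so I would state the condition in the comment, for example `;; Re-enable only if enriched-decode cannot create display properties from message text.` It would also help to note that these parts are now left undecoded, and presumably shown with their raw markup, so the behaviour change is visible to later readers. The enclosing `mm-inline-text` starts and ends outside the hunk.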
......
......@@ -117,7 +117,12 @@ expression, which is evaluated to get the string to insert.")
(full "flushboth")
(center "center"))
(PARAMETER (t "param")) ; Argument of preceding annotation
;; The following are not part of the standard:
(FUNCTION (enriched-decode-foreground "x-color")
(enriched-decode-background "x-bg-color")
(enriched-decode-display-prop "x-display"))
(read-only (t "x-read-only"))
(display (nil enriched-handle-display-prop))
(unknown (nil format-annotate-value))
; (font-size (2 "bigger") ; unimplemented
; (-2 "smaller"))
......@@ -472,5 +477,35 @@ Return value is \(begin end name positive-p), or nil if none was found."
(message "Warning: no color specified for <x-bg-color>")
nil))
;;; Handling the `display' property.
(defun enriched-handle-display-prop (old new)
"Return a list of annotations for a change in the `display' property.
OLD is the old value of the property, NEW is the new value. Value
is a list `(CLOSE OPEN)', where CLOSE is a list of annotations to
close and OPEN a list of annotations to open. Each of these lists
has the form `(ANNOTATION PARAM ...)'."
(let ((annotation "x-display")
(param (prin1-to-string (or old new))))
(if (null old)
(cons nil (list (list annotation param)))
(cons (list (list annotation param)) nil))))
(defun enriched-decode-display-prop (start end &optional param)
"Decode a `display' property for text between START and END.
PARAM is a `<param>' found for the property.
Value is a list `(START END SYMBOL VALUE)' with START and END denoting
the range of text to assign text property SYMBOL with value VALUE."
(let ((prop (when (stringp param)
(condition-case ()
(car (read-from-string param))
(error nil)))))
(unless prop
(message "Warning: invalid <x-display> parameter %s" param))
;; Disabled in Emacs 25.3 to avoid execution of arbitrary Lisp
;; forms in display properties stored within enriched text.
;; (list start end 'display prop)))
(list start end)))
;;; enriched.el ends here
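Review bot: The docstring of `enriched-decode-display-prop` still promises a value of the form `(START END SYMBOL VALUE)`, but with the unsafe part disabled the function returns `(list start end)` and never passes the parsed `prop` to the caller. The docstring should say so, e.g. `Value is a list (START END); the display property read from PARAM is deliberately not applied, because display specs stored in enriched text can contain Lisp forms that would be evaluated.` The parsed `prop` now only drives the invalid-parameter warning, so a well-formed `x-display` parameter is dropped without any message. Meanwhile `enriched-handle-display-prop` in the same hunk still produces `x-display` annotations. A short comment noting that asymmetry, and that `prop` needs validating before `(list start end 'display prop)` is ever restored, would guard against a careless re-enable.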