nixo
/
guix-devel
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
guix-devel/gnu/packages/patches/emacs-unsafe-enriched-mode-...

86 lines
3.4 KiB
Diff
Raw Blame History

This file contains invisible Unicode characters!

This file contains invisible Unicode characters that may be processed differently from what appears below. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to reveal hidden characters.

This patch fixes a remote code execution vulnerability reported here:
https://bugs.gnu.org/28350
http://www.openwall.com/lists/oss-security/2017/09/11/1
From 9ad0fcc54442a9a01d41be19880250783426db70 Mon Sep 17 00:00:00 2001
From: Lars Ingebrigtsen <larsi@gnus.org>
Date: Fri, 8 Sep 2017 20:23:31 -0700
Subject: Remove unsafe enriched mode translations
* lisp/gnus/mm-view.el (mm-inline-text):
Do not worry about enriched or richtext type.
* lisp/textmodes/enriched.el (enriched-translations):
Remove translations for FUNCTION, display (Bug#28350).
(enriched-handle-display-prop, enriched-decode-display-prop): Remove.
---
lisp/gnus/mm-view.el | 4 ----
lisp/textmodes/enriched.el | 32 --------------------------------
2 files changed, 36 deletions(-)
diff --git a/lisp/gnus/mm-view.el b/lisp/gnus/mm-view.el
index e5859d0..77ad271 100644
--- a/lisp/gnus/mm-view.el
+++ b/lisp/gnus/mm-view.el
@@ -383,10 +383,6 @@
(goto-char (point-max))))
(save-restriction
(narrow-to-region b (point))
- (when (member type '("enriched" "richtext"))
- (set-text-properties (point-min) (point-max) nil)
- (ignore-errors
- (enriched-decode (point-min) (point-max))))
(mm-handle-set-undisplayer
handle
`(lambda ()
diff --git a/lisp/textmodes/enriched.el b/lisp/textmodes/enriched.el
index beb6c6d..a8f0d38 100644
--- a/lisp/textmodes/enriched.el
+++ b/lisp/textmodes/enriched.el
@@ -117,12 +117,7 @@ expression, which is evaluated to get the string to insert.")
(full "flushboth")
(center "center"))
(PARAMETER (t "param")) ; Argument of preceding annotation
- ;; The following are not part of the standard:
- (FUNCTION (enriched-decode-foreground "x-color")
- (enriched-decode-background "x-bg-color")
- (enriched-decode-display-prop "x-display"))
(read-only (t "x-read-only"))
- (display (nil enriched-handle-display-prop))
(unknown (nil format-annotate-value))
; (font-size (2 "bigger") ; unimplemented
; (-2 "smaller"))
@@ -477,32 +472,5 @@ Return value is \(begin end name positive-p), or nil if none was found."
(message "Warning: no color specified for <x-bg-color>")
nil))
-;;; Handling the `display' property.
-
-
-(defun enriched-handle-display-prop (old new)
- "Return a list of annotations for a change in the `display' property.
-OLD is the old value of the property, NEW is the new value. Value
-is a list `(CLOSE OPEN)', where CLOSE is a list of annotations to
-close and OPEN a list of annotations to open. Each of these lists
-has the form `(ANNOTATION PARAM ...)'."
- (let ((annotation "x-display")
- (param (prin1-to-string (or old new))))
- (if (null old)
- (cons nil (list (list annotation param)))
- (cons (list (list annotation param)) nil))))
-
-(defun enriched-decode-display-prop (start end &optional param)
- "Decode a `display' property for text between START and END.
-PARAM is a `<param>' found for the property.
-Value is a list `(START END SYMBOL VALUE)' with START and END denoting
-the range of text to assign text property SYMBOL with value VALUE."
- (let ((prop (when (stringp param)
- (condition-case ()
- (car (read-from-string param))
- (error nil)))))
- (unless prop
- (message "Warning: invalid <x-display> parameter %s" param))
- (list start end 'display prop)))
;;; enriched.el ends here
Reference in New Issue View Git Blame Copy Permalink