diff options
| author | Stefan Monnier | 2024-12-10 16:26:31 -0500 |
|---|---|---|
| committer | Stefan Monnier | 2024-12-14 09:48:36 -0500 |
| commit | b5158bd191422e46273c4d9412f2bf097e2da2e0 (patch) | |
| tree | 1872e489d63482f512a361d1ec5ec814e1ee59b3 /java/org | |
| parent | 6942599dbb24c1a469e3d3708df83692b49e4af8 (diff) | |
| download | emacs-b5158bd191422e46273c4d9412f2bf097e2da2e0.tar.gz emacs-b5158bd191422e46273c4d9412f2bf097e2da2e0.zip | |
elisp-mode.el: Disable Flymake byte-compile backend in untrusted files
To address serious security issues (CVE-2024-53920), disable
`elisp-flymake-byte-compile` except in those files explicitly
specified as "trusted".
For that introduce a new custom var `trusted-files` and new
function `trusted-content-p`.
While at it, similarly skip the implicit macroexpansion done during
completion if the current file is not trusted.
* lisp/files.el (trusted-files): New variable.
(trusted-content-p): New function.
* lisp/progmodes/elisp-mode.el (elisp--safe-macroexpand-all):
New function, extracted from `elisp--local-variables`.
Use `trusted-content-p`.
(elisp--local-variables): Use it.
(elisp-flymake-byte-compile): Disable according to `trusted-content-p`.
Diffstat (limited to 'java/org')
0 files changed, 0 insertions, 0 deletions