Trim and explain set of safe forms for 'unsafep' (bug#44018)

* lisp/emacs-lisp/unsafep.el: Add comment explaining the policy for which forms can be considered 'safe' in the sense of unsafep. Remove ones that didn't make the cut: play-sound-file (large attack surface) catch, throw (alter program flow, inject data) replace-regexp-in-string (execute arbitary code) error, signal (deceptive messages) * test/lisp/emacs-lisp/unsafep-tests.el (unsafep-tests--unsafe): Add test cases. * etc/NEWS: Announce the change.
2020-10-31 11:35:06 +01:00 · 2020-10-31 11:35:06 +01:00 · c3a20804a8
commit c3a20804a8
parent a78c6141bc
3 changed files with 45 additions and 4 deletions
--- a/test/lisp/emacs-lisp/unsafep-tests.el
+++ b/test/lisp/emacs-lisp/unsafep-tests.el
@ -105,6 +105,18 @@
      . (variable (x)))
    ( (let (1) 2)
      . (variable 1))
+    ( (error "asdf")
+      . #'error)
+    ( (signal 'error "asdf")
+      . #'signal)
+    ( (throw 'asdf)
+      . #'throw)
+    ( (catch 'asdf 17)
+      . #'catch)
+    ( (play-sound-file "asdf")
+      . #'play-sound-file)
+    ( (replace-regexp-in-string "a" "b")
+      . #'replace-regexp-in-string)
    )
  "A-list of (FORM . REASON)... that `unsafep' should decide are unsafe.")