emacs-devel

Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emac


From: Po Lu
Subject: Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop
Date: Wed, 08 Mar 2023 08:27:58 +0800
User-agent: Gnus/5.13 (Gnus v5.13)

Ulrich Müller <ulm@gentoo.org> writes:

>  Categories=Network;Email;
>  Comment=GNU Emacs is an extensible, customizable text editor - and more
> -Exec=sh -c "exec emacsclient --alternate-editor= --display=\\"\\$DISPLAY\\" 
> --eval \\"(message-mailto \\\\\\"\\$1\\\\\\")\\"" sh %u
> +# We want to pass the following commands to the shell wrapper:
> +# u=${1//\\/\\\\}; u=${u//\"/\\\"}; exec emacsclient --alternate-editor= 
> --display="$DISPLAY" --eval "(message-mailto \"$u\")"
> +# Special chars '"', '$', and '\' must be escaped as '\\"', '\\$', and 
> '\\\\'.
> +Exec=bash -c "u=\\${1//\\\\\\\\/\\\\\\\\\\\\\\\\}; 
> u=\\${u//\\\\\\"/\\\\\\\\\\\\\\"}; exec emacsclient --alternate-editor= 
> --display=\\"\\$DISPLAY\\" --eval \\"(message-mailto \\\\\\"\\$u\\\\\\")\\"" 
> bash %u
>  Icon=emacs
>  Name=Emacs (Mail, Client)
>  MimeType=x-scheme-handler/mailto;
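
Review bot: The new Exec line in the main entry switches the wrapper from sh to bash because the ${1//…} substitution is not POSIX sh, but nothing in the added comment says so, and on a system without bash the mailto handler will simply fail to launch. Either perform the two substitutions with a tool available under plain sh, or state the bash requirement in the comment block above the Exec line. The comment does explain the escaping layers, which is welcome; it would also help to say that backslash and double quote are escaped because they are the characters that could end or alter the Elisp string passed to message-mailto.
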
> @@ -13,7 +16,7 @@ Actions=new-window;new-instance;
>  
>  [Desktop Action new-window]
>  Name=New Window
> -Exec=sh -c "exec emacsclient --alternate-editor= --create-frame --eval 
> \\"(message-mailto \\\\\\"\\$1\\\\\\")\\"" sh %u
> +Exec=bash -c "u=\\${1//\\\\\\\\/\\\\\\\\\\\\\\\\}; 
> u=\\${u//\\\\\\"/\\\\\\\\\\\\\\"}; exec emacsclient --alternate-editor= 
> --create-frame --eval \\"(message-mailto \\\\\\"\\$u\\\\\\")\\"" bash %u
>  
>  [Desktop Action new-instance]
>  Name=New Instance
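
Review bot: The Exec line under [Desktop Action new-window] repeats the same heavily escaped substitution as the main entry but carries no comment, so the two copies can drift apart and leave one action unescaped. Add a short comment here pointing back to the explanation above the main Exec line. The hunk ends at [Desktop Action new-instance] without showing its Exec line, so it is worth confirming in review whether that action also passes %u into an --eval string and needs the same treatment.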

What if the system in question has no bash?  This is not a theoretical
question, because I have access to one system which does have .desktop
files, but only csh, /bin/sh (which is useless), and ksh93.
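
The escaping step from the quoted patch, written without bash pattern substitution, as an added example that is not part of the original message or of the Emacs patch. It assumes a POSIX sh with `$(...)` and a `sed` on the PATH; the function names `elisp_escape` and `build_eval_arg` and the sample URL are constructed for illustration.

```shell
#!/bin/sh
# Added example: make a mailto URL safe to embed in an Elisp string literal
# using only POSIX sh and sed (no bash ${var//pat/repl} expansion).

# elisp_escape STRING
# Prefix every backslash and double quote with a backslash, so the result
# cannot terminate the surrounding "..." in the --eval form.
elisp_escape() {
    # printf rather than echo: echo's handling of backslashes and of a
    # leading '-' differs between shells. The trailing newline gives sed a
    # complete line; command substitution strips it again in callers.
    printf '%s\n' "$1" | sed 's/[\\"]/\\&/g'
}

# build_eval_arg URL
# Produce the argument for emacsclient --eval with URL as an inert string.
build_eval_arg() {
    printf '(message-mailto "%s")' "$(elisp_escape "$1")"
}

# Constructed sample input containing both characters that need escaping.
sample='mailto:a@example.org?subject="hi"&body=C:\tmp'

# Show what would be handed to emacsclient; nothing is executed here.
printf 'raw:     %s\n' "$sample"
printf 'escaped: %s\n' "$(elisp_escape "$sample")"
printf 'eval:    %s\n' "$(build_eval_arg "$sample")"
```

In a wrapper, the result of `build_eval_arg "$1"` would be passed as the single argument after `--eval`, always inside double quotes so the shell does not split it.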

