|
| From: | Max Nikulin |
| Subject: | Re: [PATCH] Re: [BUG][Security] begin_src :var evaluated before the prompt to confirm execution |
| Date: | Sat, 29 Oct 2022 00:12:15 +0700 |
| User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.2.2 |
On 28/10/2022 10:15, Ihor Radchenko wrote:
See the attached tentative patch. I tried to balance between annoying users with query and not evaluating unsafe code: '-quoted lists and symbols are still evaluated without prompt. Let me know if you see any potential issues.
If I got it right, it prompt user for every variable. I believed that single prompt is enough for both header arguments and body evaluation. Maybe I missed some issue with dependent code blocks. If I remember correctly, each block causes a prompt and I am not going to dispute such behavior. Unsure if early prompt may increase user confusion since some blocks will be evaluated not immediately after related prompt but perhaps after some delay to confirm dependent code.
diff --git a/lisp/ob-core.el b/lisp/ob-core.el
index 518831ec6..e10ab401c 100644
--- a/lisp/ob-core.el
+++ b/lisp/ob-core.el
@@ -3165,7 +3165,16 @@ (defun org-babel-read (cell &optional inhibit-lisp-eval)
((and (not inhibit-lisp-eval)
(or (memq (string-to-char cell) '(?\( ?' ?` ?\[))
(string= cell "*this*")))
- (eval (read cell) t))
+ ;; Prevent arbitrary function calls.
+ (if (and (memq (string-to-char cell) '(?\( ?`))
+ (not (org-babel-confirm-evaluate
+ ;; See `org-babel-get-src-block-info'.
+ (list "emacs-lisp" (format "%S" cell)
+ '((:eval . yes)) nil (format "%S" cell)
+ nil nil))))
+ ;; Not allowed.
+ (user-error "Evaluation of elisp code %S aborted." cell)
+ (eval (read cell) t)))
((save-match-data
(and (string-match "^[[:space:]]*\"\\(.*\\)\"[[:space:]]*$" cell)
(not (string-match "[^\\]\"" (match-string 1 cell)))))
| [Prev in Thread] | Current Thread | [Next in Thread] |