From f9221940779b07c755b5a2a6b5a687803ced3ce5 Mon Sep 17 00:00:00 2001 From: "Richard M. Stallman" Date: Wed, 23 Oct 2002 19:14:03 +0000 Subject: (risky-local-variable-p): New function. (hack-one-local-variable): Call it. (compile-command): Use `stringp' for `safe-local-variable' property. --- lisp/ChangeLog | 4 ++++ lisp/files.el | 25 +++++++++++++++++-------- 2 files changed, 21 insertions(+), 8 deletions(-) diff --git a/lisp/ChangeLog b/lisp/ChangeLog index 092ea237b7e..645035f426c 100644 --- a/lisp/ChangeLog +++ b/lisp/ChangeLog @@ -1,5 +1,9 @@ 2002-10-23 Richard M. Stallman + * files.el (risky-local-variable-p): New function. + (hack-one-local-variable): Call it. + (compile-command): Use `stringp' for `safe-local-variable' property. + * progmodes/compile.el (compile-internal): Update process-environment before calling start-process. diff --git a/lisp/files.el b/lisp/files.el index bc9c6dca38b..56f23043b10 100644 --- a/lisp/files.el +++ b/lisp/files.el @@ -1906,8 +1906,21 @@ is specified, returning t if it is specified." (put 'mode-line-modes 'risky-local-variable t) (put 'mode-line-position 'risky-local-variable t) -;; This one is safe because the user gets to check it before it is used. -(put 'compile-command 'safe-local-variable t) +;; This case is safe because the user gets to check it before it is used. +(put 'compile-command 'safe-local-variable 'stringp) + +(defun risky-local-variable-p (sym val) + "Non-nil if SYM could be dangerous as a file-local variable with value VAL." + (let ((safep (get sym 'safe-local-variable))) + (or (memq sym ignored-local-variables) + (get sym 'risky-local-variable) + (and (string-match "-hooks?$\\|-functions?$\\|-forms?$\\|-program$\\|-command$\\|-predicate$\\|font-lock-keywords$\\|font-lock-keywords-[0-9]+$\\|font-lock-syntactic-keywords$\\|-frame-alist$\\|-mode-alist$\\|-map$\\|-map-alist$" + (symbol-name sym)) + (not safep)) + ;; If the safe-local-variable property isn't t or nil, + ;; then it must return non-nil on the proposed value to be safe. + (and (not (memq safep '(t nil))) + (not (funcall safep val)))))) (defun hack-one-local-variable-quotep (exp) (and (consp exp) (eq (car exp) 'quote) (consp (cdr exp)))) @@ -1926,11 +1939,7 @@ is considered risky." nil) ;; "Setting" eval means either eval it or do nothing. ;; Likewise for setting hook variables. - ((or (get var 'risky-local-variable) - (and - (string-match "-hooks?$\\|-functions?$\\|-forms?$\\|-program$\\|-command$\\|-predicate$\\|font-lock-keywords$\\|font-lock-keywords-[0-9]+$\\|font-lock-syntactic-keywords$\\|-frame-alist$\\|-mode-alist$\\|-map$\\|-map-alist$" - (symbol-name var)) - (not (get var 'safe-local-variable)))) + ((risky-local-variable-p var val) ;; Permit evalling a put of a harmless property. ;; if the args do nothing tricky. (if (or (and (eq var 'eval) @@ -1962,7 +1971,7 @@ is considered risky." (save-excursion (eval val)) (make-local-variable var) (set var val)) - (message "Ignoring `eval:' in the local variables list"))) + (message "Ignoring risky spec in the local variables list"))) ;; Ordinary variable, really set it. (t (make-local-variable var) ;; Make sure the string has no text properties. -- cgit v1.2.1