From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED!not-for-mail From: npostavs@users.sourceforge.net Newsgroups: gmane.emacs.bugs Subject: bug#16984: dired-do-rename susceptible to .../~/... hijack Date: Fri, 28 Oct 2016 22:27:13 -0400 Message-ID: <87pomjrita.fsf@users.sourceforge.net> References: <87eh2aq60w.fsf@jidanni.org> <87pomrst3z.fsf@users.sourceforge.net> <837f8zpnih.fsf@gnu.org> NNTP-Posting-Host: blaine.gmane.org Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Trace: blaine.gmane.org 1477708066 19820 195.159.176.226 (29 Oct 2016 02:27:46 GMT) X-Complaints-To: usenet@blaine.gmane.org NNTP-Posting-Date: Sat, 29 Oct 2016 02:27:46 +0000 (UTC) User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux) Cc: 16984@debbugs.gnu.org, jidanni@jidanni.org To: Eli Zaretskii Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Sat Oct 29 04:27:42 2016 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by blaine.gmane.org with esmtp (Exim 4.84_2) (envelope-from ) id 1c0JMZ-0001C6-AR for geb-bug-gnu-emacs@m.gmane.org; Sat, 29 Oct 2016 04:27:15 +0200 Original-Received: from localhost ([::1]:52898 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1c0JMb-0003Fo-Tn for geb-bug-gnu-emacs@m.gmane.org; Fri, 28 Oct 2016 22:27:17 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:42568) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1c0JMP-0003E9-35 for bug-gnu-emacs@gnu.org; Fri, 28 Oct 2016 22:27:06 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1c0JML-0005D9-Sx for bug-gnu-emacs@gnu.org; Fri, 28 Oct 2016 22:27:05 -0400 Original-Received: from debbugs.gnu.org ([208.118.235.43]:47387) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1c0JML-0005Cr-Pk for bug-gnu-emacs@gnu.org; Fri, 28 Oct 2016 22:27:01 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1c0JML-0002A8-Jk for bug-gnu-emacs@gnu.org; Fri, 28 Oct 2016 22:27:01 -0400 X-Loop: help-debbugs@gnu.org Resent-From: npostavs@users.sourceforge.net Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Sat, 29 Oct 2016 02:27:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 16984 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: confirmed Original-Received: via spool by 16984-submit@debbugs.gnu.org id=B16984.14777080008273 (code B ref 16984); Sat, 29 Oct 2016 02:27:01 +0000 Original-Received: (at 16984) by debbugs.gnu.org; 29 Oct 2016 02:26:40 +0000 Original-Received: from localhost ([127.0.0.1]:34553 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1c0JLz-00029I-Jz for submit@debbugs.gnu.org; Fri, 28 Oct 2016 22:26:39 -0400 Original-Received: from mail-it0-f42.google.com ([209.85.214.42]:38552) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1c0JLy-00028x-3A; Fri, 28 Oct 2016 22:26:38 -0400 Original-Received: by mail-it0-f42.google.com with SMTP id q124so9339663itd.1; Fri, 28 Oct 2016 19:26:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:from:to:cc:subject:references:date:in-reply-to:message-id :user-agent:mime-version; bh=nfYtEYwAhu/MlTF4mCElsXcfKvk6zR9uTG6ew5T6anA=; b=FK5viuN2yVhLkvMXYIym4YKFs6FH6YBqVoUD54qy8orjYJFLvjWnNGynUN9FZE4sP4 drZfdX8QHrVPDsCeP6u/rUxDHQlCuMwbSgMC5+KS8Uvb00U/KZ/NEaeO4s+/VT5n/CSq 8rAiyZlYeKvjVglziE/j0ZsvasPdUnw82QWYRlK8ik1B3AhuNnpqkgGC0tJmvVcmMLw3 wQ1HklrMYbcrzqoiyeqUoylUvnoEy9OYT4QVr/fav5e4BF6rWHSY10+8akeMLvAXSXpG 3GLXFB+yGTEAFXlcnKWLmejpb0fg50sRwRMTMUrLkvPnrLgJYAdhZaMyJFEF9aXgsYVu bmAg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:sender:from:to:cc:subject:references:date :in-reply-to:message-id:user-agent:mime-version; bh=nfYtEYwAhu/MlTF4mCElsXcfKvk6zR9uTG6ew5T6anA=; b=Kj1r1BO9wBZoLa1LzdGTFLIFnYmOXfalAuscX20meyC9v+NLyyqezw7ANv/BjwvnBI m1aFB8lPdhsMqsm4woDfqHcXp7EE+BCau5OOIwtdJmdYe3C0v03p89a1K1BaAzbo7cf7 UgReufSk/wao0vhfXwUMDsKYWWeYM5H8izxKvIY6XbemAe7CIkV1NNLcn5dY8V2aJx5H JlSFvI1CjW0oFTRZM6Nt9hhCuYNDawOWNsFvPwWSLjdLwQbdF8gptu5S2HHcBSuNhcjq j9K6prCMjmEeHCnCR3R32AiREk9nSFkZM+QSKujQwjts7mKKatHl0rFXwyuV6aQheYIg k21g== X-Gm-Message-State: ABUngvd2VOxSPzA0dZu5nT/4n2QjxUtSJtS1aaMkir0o1uexFHLh0OTjvBfSFbDe7Yx3Tg== X-Received: by 10.36.222.85 with SMTP id d82mr1197317itg.111.1477707992515; Fri, 28 Oct 2016 19:26:32 -0700 (PDT) Original-Received: from zony ([45.2.7.130]) by smtp.googlemail.com with ESMTPSA id b133sm3428223ita.1.2016.10.28.19.26.31 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Fri, 28 Oct 2016 19:26:31 -0700 (PDT) In-Reply-To: <837f8zpnih.fsf@gnu.org> (Eli Zaretskii's message of "Sun, 23 Oct 2016 09:50:30 +0300") X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 208.118.235.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.org gmane.emacs.bugs:125099 Archived-At: --=-=-= Content-Type: text/plain severity 16984 minor tags 16984 patch quit Eli Zaretskii writes: >> From: npostavs@users.sourceforge.net >> Date: Sat, 22 Oct 2016 22:21:20 -0400 >> Cc: 16984@debbugs.gnu.org >> >> The essential problem seems to be that there is no way to escape >> filenames from substitute-in-file-name to protect a file named "~", >> therefore read-file-name-default can never return a filename in a >> directory with that name. > > What about the "/:" quoting? It works for me, when I type "/:" before > the name of the file which has a '~' character embedded in it. Ah, yes it works, as documented in `(emacs) Quoted File Names'. I think it would be nicer if Emacs' file prompts defaulted to insert this as needed, here's a patch to do that: --=-=-= Content-Type: text/plain Content-Disposition: attachment; filename=v1-0001-Quote-filenames-containing-in-prompts.patch Content-Description: patch >From 4b45ab051deaec0f65fa0caa7a5ecb1dff5c8cab Mon Sep 17 00:00:00 2001 From: Noam Postavsky Date: Thu, 27 Oct 2016 22:17:11 -0400 Subject: [PATCH v1] Quote filenames containing '~' in prompts When in a directory named '~', the default value given by `read-file-name' should be quoted by prepending '/:', in order to prevent it from being interpreted as referring to the $HOME directory (Bug #16984). * lisp/minibuffer.el (minibuffer-maybe-quote-filename): New function. (completion--sifn-requote, read-file-name-default): Use it instead of `minibuffer--double-dollars'. * test/lisp/files-tests.el (files-test-read-file-in-~): Test it. --- lisp/minibuffer.el | 23 ++++++++++++++++------- test/lisp/files-tests.el | 23 +++++++++++++++++++++++ 2 files changed, 39 insertions(+), 7 deletions(-) diff --git a/lisp/minibuffer.el b/lisp/minibuffer.el index 175189c..7999e7b 100644 --- a/lisp/minibuffer.el +++ b/lisp/minibuffer.el @@ -2251,6 +2251,15 @@ minibuffer--double-dollars (replace-regexp-in-string "\\$" (lambda (dollar) (concat dollar dollar)) str)) +(defun minibuffer-maybe-quote-filename (filename) + "Protect FILENAME from `substitute-in-file-name', as needed. +Useful to give the user default values that won't be substituted." + (if (and (not (string-prefix-p "/:" filename)) + (file-name-absolute-p filename) + (string-match-p "/~" filename)) + (concat "/:" filename) + (minibuffer--double-dollars filename))) + (defun completion--make-envvar-table () (mapcar (lambda (enventry) (substring enventry 0 (string-match-p "=" enventry))) @@ -2420,7 +2429,7 @@ completion--sifn-requote (substitute-in-file-name (substring qstr 0 (1- qpos))))) (setq qpos (1- qpos))) - (cons qpos #'minibuffer--double-dollars)))) + (cons qpos #'minibuffer-maybe-quote-filename)))) (defalias 'completion--file-name-table (completion-table-with-quoting #'completion-file-name-table @@ -2596,10 +2605,10 @@ read-file-name-default (let ((insdef (cond ((and insert-default-directory (stringp dir)) (if initial - (cons (minibuffer--double-dollars (concat dir initial)) - (length (minibuffer--double-dollars dir))) - (minibuffer--double-dollars dir))) - (initial (cons (minibuffer--double-dollars initial) 0))))) + (cons (minibuffer-maybe-quote-filename (concat dir initial)) + (length (minibuffer-maybe-quote-filename dir))) + (minibuffer-maybe-quote-filename dir))) + (initial (cons (minibuffer-maybe-quote-filename initial) 0))))) (let ((completion-ignore-case read-file-name-completion-ignore-case) (minibuffer-completing-file-name t) @@ -2693,7 +2702,7 @@ read-file-name-default ;; with what we will actually return. As an exception, ;; if that's the same as the second item in ;; file-name-history, it's really a repeat (Bug#4657). - (let ((val1 (minibuffer--double-dollars val))) + (let ((val1 (minibuffer-maybe-quote-filename val))) (if history-delete-duplicates (setcdr file-name-history (delete val1 (cdr file-name-history)))) @@ -2703,7 +2712,7 @@ read-file-name-default (if add-to-history ;; Add the value to the history--but not if it matches ;; the last value already there. - (let ((val1 (minibuffer--double-dollars val))) + (let ((val1 (minibuffer-maybe-quote-filename val))) (unless (and (consp file-name-history) (equal (car file-name-history) val1)) (setq file-name-history diff --git a/test/lisp/files-tests.el b/test/lisp/files-tests.el index 80d5e5b..f4ccd5c 100644 --- a/test/lisp/files-tests.el +++ b/test/lisp/files-tests.el @@ -220,5 +220,28 @@ files-test-bug-18141-file (should-not yes-or-no-p-prompts) (should (equal kill-emacs-args '(nil))))) +(ert-deftest files-test-read-file-in-~ () + "Test file prompting in directory named '~'. +If we are in a directory named '~', the default value should not +be $HOME." + (cl-letf (((symbol-function 'completing-read) + (lambda (_prompt _coll &optional _pred _req init _hist def _) + (or def init))) + (dir (make-temp-file "read-file-name-test" t))) + (unwind-protect + (let ((subdir (expand-file-name "./~/"))) + (make-directory subdir t) + (with-temp-buffer + (setq default-directory subdir) + (should-not (equal + (expand-file-name (read-file-name "File: ")) + (expand-file-name "~/"))) + ;; Don't overquote either! + (setq default-directory (concat "/:" subdir)) + (should-not (equal + (expand-file-name (read-file-name "File: ")) + (concat "/:/:" subdir))))) + (delete-directory dir 'recursive)))) + (provide 'files-tests) ;;; files-tests.el ends here -- 2.9.3 --=-=-=--