From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED!not-for-mail From: npostavs@users.sourceforge.net Newsgroups: gmane.emacs.bugs Subject: bug#16984: dired-do-rename susceptible to .../~/... hijack Date: Mon, 31 Oct 2016 20:42:22 -0400 Message-ID: <87wpgoowsx.fsf@users.sourceforge.net> References: <87eh2aq60w.fsf@jidanni.org> <87pomrst3z.fsf@users.sourceforge.net> <837f8zpnih.fsf@gnu.org> <87pomjrita.fsf@users.sourceforge.net> <83pomjr63z.fsf@gnu.org> <87eg2zb860.fsf@gmx.de> <87h97vqhf3.fsf@users.sourceforge.net> <874m3vazx2.fsf@gmx.de> NNTP-Posting-Host: blaine.gmane.org Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Trace: blaine.gmane.org 1477960951 14411 195.159.176.226 (1 Nov 2016 00:42:31 GMT) X-Complaints-To: usenet@blaine.gmane.org NNTP-Posting-Date: Tue, 1 Nov 2016 00:42:31 +0000 (UTC) User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux) Cc: 16984@debbugs.gnu.org, jidanni@jidanni.org To: Michael Albinus Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Tue Nov 01 01:42:26 2016 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by blaine.gmane.org with esmtp (Exim 4.84_2) (envelope-from ) id 1c1N9c-0001mA-Pm for geb-bug-gnu-emacs@m.gmane.org; Tue, 01 Nov 2016 01:42:17 +0100 Original-Received: from localhost ([::1]:39223 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1c1N9e-0001f1-JL for geb-bug-gnu-emacs@m.gmane.org; Mon, 31 Oct 2016 20:42:18 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:51589) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1c1N9T-0001dV-0N for bug-gnu-emacs@gnu.org; Mon, 31 Oct 2016 20:42:08 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1c1N9O-0004Is-32 for bug-gnu-emacs@gnu.org; Mon, 31 Oct 2016 20:42:07 -0400 Original-Received: from debbugs.gnu.org ([208.118.235.43]:51251) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1c1N9N-0004Io-VH for bug-gnu-emacs@gnu.org; Mon, 31 Oct 2016 20:42:02 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1c1N9N-0008Gh-OL for bug-gnu-emacs@gnu.org; Mon, 31 Oct 2016 20:42:01 -0400 X-Loop: help-debbugs@gnu.org Resent-From: npostavs@users.sourceforge.net Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Tue, 01 Nov 2016 00:42:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 16984 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: patch confirmed Original-Received: via spool by 16984-submit@debbugs.gnu.org id=B16984.147796090931763 (code B ref 16984); Tue, 01 Nov 2016 00:42:01 +0000 Original-Received: (at 16984) by debbugs.gnu.org; 1 Nov 2016 00:41:49 +0000 Original-Received: from localhost ([127.0.0.1]:38417 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1c1N9B-0008GE-3E for submit@debbugs.gnu.org; Mon, 31 Oct 2016 20:41:49 -0400 Original-Received: from mail-yw0-f181.google.com ([209.85.161.181]:36005) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1c1N98-0008Fy-Hs for 16984@debbugs.gnu.org; Mon, 31 Oct 2016 20:41:47 -0400 Original-Received: by mail-yw0-f181.google.com with SMTP id l124so21596028ywb.3 for <16984@debbugs.gnu.org>; Mon, 31 Oct 2016 17:41:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:from:to:cc:subject:references:date:in-reply-to:message-id :user-agent:mime-version; bh=afKRmubCy4HUOuV72SuCSdcOxy48adntfGbTVsGqltU=; b=txfuZuOUSWRQin4sogzi5AbRIs01eb2S6crr1r9/kBqvoK6dEDXlXKEJ+U716llUJ+ hKfXGkSvOvD6OwEu+N3e2yIGWP8nUvsWdeKDGNvWbCwznp1x3SKZcAD4ge9KABYkS3vX dluYKt6gJfucYOwcDO7uMSImunjHbgt/bUHlqqbHHSXijTBonXL8ZFl+C31Rxirn0P+Q XQuVX2jeed9HbzK0EJSuwihnugqy/HWr1ElgMG9H1TnWBqKuwLwA2J5D//JZQJlVKXf9 ZzN3BNhdfyOipGIzOysHvXwxq1dy0CM1KvAKwdNbSlvrMOGjwI6o+eNxtB6GqiorL/Pw 2r9Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:sender:from:to:cc:subject:references:date :in-reply-to:message-id:user-agent:mime-version; bh=afKRmubCy4HUOuV72SuCSdcOxy48adntfGbTVsGqltU=; b=PfblBpnJjkDaOQ+dDxiaD3aDefWiUvDbZ0SGhTbfcoAMsUeCMO1WQ+4CfMRA5y/pZx Dx8uDKCf6+diQrgP5ONn6zfPcuoqtKgUiFxvEtbqLUp4xbKMuBEiJJDAzEFrnW0Dn0UZ LmnoofApfSrdoCU/+JdWaLPILshXSislEysuVtf//JsI8p/+q4SX8truScNNi8Kx9qth Nl2yv8+LOodSLrfct87wxAru2p8MFCMvZhR6De1Lp1AwG6rDiIDDRgSxm/bbddaB4Y53 tOIZlQwc9ntAxT2BXTWrKrombmGNkKjAUBGgoddzImMdZ+yYZbHRwyKpuLNEURXfTR4O 7F0A== X-Gm-Message-State: ABUngvc64+Ctgq1D12zUWMmN6zvv/r6WYtqr+/p2gA5e6CBeNmNQcKB7ByPO4MGKs9wctA== X-Received: by 10.36.99.67 with SMTP id j64mr9427445itc.119.1477960900907; Mon, 31 Oct 2016 17:41:40 -0700 (PDT) Original-Received: from zony ([45.2.7.130]) by smtp.googlemail.com with ESMTPSA id y189sm11408666ioy.28.2016.10.31.17.41.39 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Mon, 31 Oct 2016 17:41:40 -0700 (PDT) In-Reply-To: <874m3vazx2.fsf@gmx.de> (Michael Albinus's message of "Sat, 29 Oct 2016 18:22:01 +0200") X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 208.118.235.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.org gmane.emacs.bugs:125194 Archived-At: --=-=-= Content-Type: text/plain Michael Albinus writes: >> >> + (not (let ((handler (find-file-name-handler >> + filename 'substitute-in-file-name))) >> + (and handler >> + (funcall handler 'substitute-in-file-name filename))))) > > I would rather use (not (file-remote-p file-name)) Okay. --=-=-= Content-Type: text/plain Content-Disposition: attachment; filename=v3-0001-Quote-filenames-containing-in-prompts.patch Content-Description: patch v3 >From 93854ddb9a15d4809f1dcf80b11784ddd4a31ed4 Mon Sep 17 00:00:00 2001 From: Noam Postavsky Date: Thu, 27 Oct 2016 22:17:11 -0400 Subject: [PATCH v3] Quote filenames containing '~' in prompts When in a directory named '~', the default value given by `read-file-name' should be quoted by prepending '/:', in order to prevent it from being interpreted as referring to the $HOME directory (Bug #16984). * lisp/minibuffer.el (minibuffer-maybe-quote-filename): New function. (completion--sifn-requote, read-file-name-default): Use it instead of `minibuffer--double-dollars'. * test/lisp/files-tests.el (files-test-read-file-in-~): Test it. --- lisp/minibuffer.el | 24 +++++++++++++++++------- test/lisp/files-tests.el | 23 +++++++++++++++++++++++ 2 files changed, 40 insertions(+), 7 deletions(-) diff --git a/lisp/minibuffer.el b/lisp/minibuffer.el index 175189c..5cbe243 100644 --- a/lisp/minibuffer.el +++ b/lisp/minibuffer.el @@ -2251,6 +2251,16 @@ minibuffer--double-dollars (replace-regexp-in-string "\\$" (lambda (dollar) (concat dollar dollar)) str)) +(defun minibuffer-maybe-quote-filename (filename) + "Protect FILENAME from `substitute-in-file-name', as needed. +Useful to give the user default values that won't be substituted." + (if (and (not (string-prefix-p "/:" filename)) + (file-name-absolute-p filename) + (string-match-p "/~" filename) + (not (file-remote-p filename))) + (concat "/:" filename) + (minibuffer--double-dollars filename))) + (defun completion--make-envvar-table () (mapcar (lambda (enventry) (substring enventry 0 (string-match-p "=" enventry))) @@ -2420,7 +2430,7 @@ completion--sifn-requote (substitute-in-file-name (substring qstr 0 (1- qpos))))) (setq qpos (1- qpos))) - (cons qpos #'minibuffer--double-dollars)))) + (cons qpos #'minibuffer-maybe-quote-filename)))) (defalias 'completion--file-name-table (completion-table-with-quoting #'completion-file-name-table @@ -2596,10 +2606,10 @@ read-file-name-default (let ((insdef (cond ((and insert-default-directory (stringp dir)) (if initial - (cons (minibuffer--double-dollars (concat dir initial)) - (length (minibuffer--double-dollars dir))) - (minibuffer--double-dollars dir))) - (initial (cons (minibuffer--double-dollars initial) 0))))) + (cons (minibuffer-maybe-quote-filename (concat dir initial)) + (length (minibuffer-maybe-quote-filename dir))) + (minibuffer-maybe-quote-filename dir))) + (initial (cons (minibuffer-maybe-quote-filename initial) 0))))) (let ((completion-ignore-case read-file-name-completion-ignore-case) (minibuffer-completing-file-name t) @@ -2693,7 +2703,7 @@ read-file-name-default ;; with what we will actually return. As an exception, ;; if that's the same as the second item in ;; file-name-history, it's really a repeat (Bug#4657). - (let ((val1 (minibuffer--double-dollars val))) + (let ((val1 (minibuffer-maybe-quote-filename val))) (if history-delete-duplicates (setcdr file-name-history (delete val1 (cdr file-name-history)))) @@ -2703,7 +2713,7 @@ read-file-name-default (if add-to-history ;; Add the value to the history--but not if it matches ;; the last value already there. - (let ((val1 (minibuffer--double-dollars val))) + (let ((val1 (minibuffer-maybe-quote-filename val))) (unless (and (consp file-name-history) (equal (car file-name-history) val1)) (setq file-name-history diff --git a/test/lisp/files-tests.el b/test/lisp/files-tests.el index 80d5e5b..f4ccd5c 100644 --- a/test/lisp/files-tests.el +++ b/test/lisp/files-tests.el @@ -220,5 +220,28 @@ files-test-bug-18141-file (should-not yes-or-no-p-prompts) (should (equal kill-emacs-args '(nil))))) +(ert-deftest files-test-read-file-in-~ () + "Test file prompting in directory named '~'. +If we are in a directory named '~', the default value should not +be $HOME." + (cl-letf (((symbol-function 'completing-read) + (lambda (_prompt _coll &optional _pred _req init _hist def _) + (or def init))) + (dir (make-temp-file "read-file-name-test" t))) + (unwind-protect + (let ((subdir (expand-file-name "./~/"))) + (make-directory subdir t) + (with-temp-buffer + (setq default-directory subdir) + (should-not (equal + (expand-file-name (read-file-name "File: ")) + (expand-file-name "~/"))) + ;; Don't overquote either! + (setq default-directory (concat "/:" subdir)) + (should-not (equal + (expand-file-name (read-file-name "File: ")) + (concat "/:/:" subdir))))) + (delete-directory dir 'recursive)))) + (provide 'files-tests) ;;; files-tests.el ends here -- 2.9.3 --=-=-= Content-Type: text/plain > > This fixes the problem for local file names, but not for remote > ones. "/ssh:user@host:/path/~/file" would still be expanded to something > like "/ssh:user@host:/home/user/file". Well, better than nothing. > > What do people think to use the "/:" prefix also for the local part of > remote file names? Then one could use "/ssh:user@host:/:/path/~/file", > making substitute-in-file-name a noop. Makes sense to me. --=-=-=--