From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: "Chris Moore" <dooglus@gmail.com>
Newsgroups: gmane.emacs.devel
Subject: Re: C file recoginzed as image file
Date: Fri, 5 Jan 2007 23:23:29 +0100
Message-ID: <a9691ee20701051423haa1bd31y768ceeb5b2d45994@mail.gmail.com>
References: <loom.20070105T152213-693@post.gmane.org>
	<m23b6pzg3g.fsf@gmail.com> <m2y7ohy0s1.fsf@gmail.com>
	<f7ccd24b0701051102n4866b1cbi35465c3a22291ba4@mail.gmail.com>
NNTP-Posting-Host: lo.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Trace: sea.gmane.org 1168035869 25082 80.91.229.12 (5 Jan 2007 22:24:29 GMT)
X-Complaints-To: usenet@sea.gmane.org
NNTP-Posting-Date: Fri, 5 Jan 2007 22:24:29 +0000 (UTC)
Cc: Charles Rendleman <c.a.rendle@gmail.com>, emacs-devel@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Fri Jan 05 23:24:28 2007
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([199.232.76.165])
	by lo.gmane.org with esmtp (Exim 4.50)
	id 1H2xTx-00078m-D3
	for ged-emacs-devel@m.gmane.org; Fri, 05 Jan 2007 23:24:13 +0100
Original-Received: from localhost ([127.0.0.1] helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43)
	id 1H2xTw-0007se-KX
	for ged-emacs-devel@m.gmane.org; Fri, 05 Jan 2007 17:24:12 -0500
Original-Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1H2xTK-0007Nu-0p
	for emacs-devel@gnu.org; Fri, 05 Jan 2007 17:23:34 -0500
Original-Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1H2xTH-0007L5-SY
	for emacs-devel@gnu.org; Fri, 05 Jan 2007 17:23:33 -0500
Original-Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1H2xTH-0007Ku-My
	for emacs-devel@gnu.org; Fri, 05 Jan 2007 17:23:31 -0500
Original-Received: from [66.249.92.171] (helo=ug-out-1314.google.com)
	by monty-python.gnu.org with esmtp (Exim 4.52) id 1H2xTG-0005VP-Sv
	for emacs-devel@gnu.org; Fri, 05 Jan 2007 17:23:31 -0500
Original-Received: by ug-out-1314.google.com with SMTP id j3so6521570ugf
	for <emacs-devel@gnu.org>; Fri, 05 Jan 2007 14:23:30 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com;
	h=received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth;
	b=AlxdnrUZnfa3aeOulVDC5Rr17c5wlmLK3kN6eBpx7A37ambHbikbi4cN1N47eNF1GMAVrB0SCZPHgJa1ULNVn1fY7RODA9Fr6IvodUvzia6k5Wf2NFJb5hmAMOMifCsPzEurc/BIQnTc5CJY20PAcxeyzPNu/9hbeCWnpn+vk/8=
Original-Received: by 10.78.200.3 with SMTP id x3mr4771109huf.1168035809948;
	Fri, 05 Jan 2007 14:23:29 -0800 (PST)
Original-Received: by 10.78.169.19 with HTTP; Fri, 5 Jan 2007 14:23:29 -0800 (PST)
Original-To: "Juanma Barranquero" <lekktu@gmail.com>
In-Reply-To: <f7ccd24b0701051102n4866b1cbi35465c3a22291ba4@mail.gmail.com>
Content-Disposition: inline
X-Google-Sender-Auth: 6c668371eab72a03
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:64837
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/64837>

On 1/5/07, Juanma Barranquero <lekktu@gmail.com> wrote:

> `magic-mode-alist' is more specific. The problem is that some of these
> regexps are too permissive.

Even if magic-mode-alist was just right, and it only opened files as
images when they contain images, I don't want this mysterious .c file
I just received in the mail being opened as an image, because who
knows what it might do...  I trust Emacs's cc-mode not to execute any
malicious code when displaying C source code, what with all the
file-local variable checking and so on, but I don't trust the various
image libraries which are linked into Emacs not to have remaining
buffer overflow bugs in them.

It's possible that they're all fine now, but in the last few years the
following vulnerabilities have been found in various image libraries,
all of which possibly lead to the execution of arbitrary code:

libpng:
http://www.debian.org/security/2004/dsa-536
http://www.debian.org/security/2004/dsa-570

libpng3:
http://www.debian.org/security/2004/dsa-571

tiff:
http://www.debian.org/security/2004/dsa-567
http://www.debian.org/security/2004/dsa-617
http://www.debian.org/security/2005/dsa-626
http://www.debian.org/security/2005/dsa-755
http://www.debian.org/security/2006/dsa-1054
http://www.debian.org/security/2006/dsa-1078
http://www.debian.org/security/2006/dsa-1137

wmf:
http://www.debian.org/security/2006/dsa-1194

So I wouldn't be too willing to bet that they're safe now.

When opening a file with file-local variables in it, Emacs is quite
paranoid about checking with the user whether it's OK to use the
variable definitions.  But when the file contains an image file, Emacs
is happy to just display it without any kind of prompt or warning,
even when the file has a .c extension?

In short, .c files should be opened in cc-mode, no matter what they
contain, at least not without checking with the user first.  "The
file's extension indicates that this is C source code, but the file
contains an image in PNG format.  Display the image?  (y/n)"