Re: turn off safe-local-variable-values checking

["Stuart D. Herring" <herring@lanl.gov>]

[-- Attachment #1: Type: text/plain, Size: 805 bytes --]

>     table.el
>     allout.el
>     ediff*.el
>
> This is useful--I presume these bindings are safe,
> so we should define predicates for the variables they bind.
>
> Would someone like to do that now, and ack?

Interesting: each of those three files required a different approach.  I
added predicates for time-stamp.el's local variables, putting reasonable
limits on the integers.  Allout just needed to autoload its
already-present safe-local declaration.  And ediff was using part of
edebug which could really be used for evil, so I wrote a check for
non-evil use and added that to the code for symbol properties.

Patch attached, natch.

Davis

-- 
This product is sold by volume, not by mass.  If it appears too dense or
too sparse, it is because mass-energy conversion has occurred during
shipping.

[-- Attachment #2: local-variables.patch --]
[-- Type: application/octet-stream, Size: 6711 bytes --]

? local-variables.patch
Index: lisp/ChangeLog
===================================================================
RCS file: /sources/emacs/emacs/lisp/ChangeLog,v
retrieving revision 1.9390
diff -a -c -r1.9390 ChangeLog
*** lisp/ChangeLog	12 Apr 2006 05:11:12 -0000	1.9390
--- lisp/ChangeLog	12 Apr 2006 19:55:17 -0000
***************
*** 1,3 ****
--- 1,18 ----
+ 2006-04-12  Davis Herring  <herring@lanl.gov>
+ 
+ 	* files.el: Add predicates for time-stamp.el's file-local
+ 	variables (here, since it's never automatically loaded).  Remove
+ 	lingering `string-or-null' let-binding.
+ 	(hack-one-local-variable-eval-safep): Recognize
+ 	`edebug-form-spec' for `put', but only if it passes
+ 	`edebug-basic-spec'.  Generalize `put' handling.
+ 
+ 	* emacs-lisp/edebug.el (edebug-basic-spec): New function for
+ 	vetting file-local form specs.
+ 
+ 	* allout.el (allout-layout): Autoload its `safe-local-variable'
+ 	property.
+ 
  2006-04-12  Stefan Monnier  <monnier@iro.umontreal.ca>
  
  	* progmodes/perl-mode.el (perl-indent-new-calculate):
Index: lisp/allout.el
===================================================================
RCS file: /sources/emacs/emacs/lisp/allout.el,v
retrieving revision 1.70
diff -a -c -r1.70 allout.el
*** lisp/allout.el	15 Mar 2006 03:14:15 -0000	1.70
--- lisp/allout.el	12 Apr 2006 19:55:18 -0000
***************
*** 666,671 ****
--- 666,672 ----
  `allout-layout' can additionally have the value `t', in which
  case the value of `allout-default-layout' is used.")
  (make-variable-buffer-local 'allout-layout)
+ ;;;###autoload
  (put 'allout-layout 'safe-local-variable t)
  
  ;;;_  : Topic header format
Index: lisp/files.el
===================================================================
RCS file: /sources/emacs/emacs/lisp/files.el,v
retrieving revision 1.825
diff -a -c -r1.825 files.el
*** lisp/files.el	11 Apr 2006 17:57:34 -0000	1.825
--- lisp/files.el	12 Apr 2006 19:55:18 -0000
***************
*** 2343,2371 ****
  ;; For variables defined in the C source code the declaration should go here:
  
  ;; FIXME: Some variables should be moved according to the rules above.
! (let ((string-or-null (lambda (a) (or (stringp a) (null a)))))
!   (eval
!    `(mapc (lambda (pair)
! 	    (put (car pair) 'safe-local-variable (cdr pair)))
! 	  '((byte-compile-dynamic . t)
! 	    (byte-compile-dynamic-docstrings . t)
! 	    (byte-compile-warnings . t)
! 	    (c-basic-offset     .  integerp)
! 	    (c-file-style       .  stringp)
! 	    (c-indent-level     .  integerp)
! 	    (comment-column     .  integerp)
! 	    (compile-command    .  string-or-null-p)
! 	    (fill-column        .  integerp)
! 	    (fill-prefix        .  string-or-null-p)
! 	    (indent-tabs-mode   .  t)
! 	    (kept-new-versions  .  integerp)
! 	    (left-margin        .  t)
! 	    (no-byte-compile    .  t)
! 	    (no-update-autoloads . t)
! 	    (outline-regexp     .  string-or-null-p)
! 	    (tab-width          .  integerp) ;; C source code
! 	    (truncate-lines     .  t) ;; C source code
! 	    (version-control    .  t)))))
  
  (put 'c-set-style 'safe-local-eval-function t)
  
--- 2343,2380 ----
  ;; For variables defined in the C source code the declaration should go here:
  
  ;; FIXME: Some variables should be moved according to the rules above.
! (eval
!  `(mapc (lambda (pair)
! 	  (put (car pair) 'safe-local-variable (cdr pair)))
! 	'((byte-compile-dynamic . t)
! 	  (byte-compile-dynamic-docstrings . t)
! 	  (byte-compile-warnings . t)
! 	  (c-basic-offset     .  integerp)
! 	  (c-file-style       .  stringp)
! 	  (c-indent-level     .  integerp)
! 	  (comment-column     .  integerp)
! 	  (compile-command    .  string-or-null-p)
! 	  (fill-column        .  integerp)
! 	  (fill-prefix        .  string-or-null-p)
! 	  (indent-tabs-mode   .  t)
! 	  (kept-new-versions  .  integerp)
! 	  (left-margin        .  t)
! 	  (no-byte-compile    .  t)
! 	  (no-update-autoloads . t)
! 	  (outline-regexp     .  string-or-null-p)
! 	  (tab-width          .  integerp) ;; C source code
! 	  (time-stamp-inserts-lines . t)
! 	  (time-stamp-line-limit . (lambda (val) (and (integerp val)
! 						      (not (zerop val))
! 						      (<= (abs val) 1000))))
! 	  (time-stamp-count   .  (lambda (val) (and (integerp val)
! 						    (<= val 100))))
! 	  (time-stamp-end     .  stringp)
! 	  (time-stamp-format  .  stringp)
! 	  (time-stamp-pattern .  string-or-null-p)
! 	  (time-stamp-start   .  stringp)
! 	  (truncate-lines     .  t) ;; C source code
! 	  (version-control    .  t))))
  
  (put 'c-set-style 'safe-local-eval-function t)
  
***************
*** 2689,2700 ****
        (and (eq (car exp) 'put)
  	   (hack-one-local-variable-quotep (nth 1 exp))
  	   (hack-one-local-variable-quotep (nth 2 exp))
! 	   (memq (nth 1 (nth 2 exp))
! 		 '(lisp-indent-hook))
! 	   ;; Only allow safe values of lisp-indent-hook;
! 	   ;; not functions.
! 	   (or (numberp (nth 3 exp))
! 	       (equal (nth 3 exp) ''defun)))
        ;; Allow expressions that the user requested.
        (member exp safe-local-eval-forms)
        ;; Certain functions can be allowed with safe arguments
--- 2698,2711 ----
        (and (eq (car exp) 'put)
  	   (hack-one-local-variable-quotep (nth 1 exp))
  	   (hack-one-local-variable-quotep (nth 2 exp))
! 	   (let ((prop (nth 1 (nth 2 exp))) (val (nth 3 exp)))
! 	     (cond ((eq prop 'lisp-indent-hook)
! 		    ;; Only allow safe values of lisp-indent-hook;
! 		    ;; not functions.
! 		    (or (numberp val) (equal val ''defun)))
! 		   ((eq prop 'edebug-form-spec)
! 		    ;; Only allow indirect form specs.
! 		    (edebug-basic-spec val)))))
        ;; Allow expressions that the user requested.
        (member exp safe-local-eval-forms)
        ;; Certain functions can be allowed with safe arguments
Index: lisp/emacs-lisp/edebug.el
===================================================================
RCS file: /sources/emacs/emacs/lisp/emacs-lisp/edebug.el,v
retrieving revision 3.88
diff -a -c -r3.88 edebug.el
*** lisp/emacs-lisp/edebug.el	3 Mar 2006 11:55:43 -0000	3.88
--- lisp/emacs-lisp/edebug.el	12 Apr 2006 19:55:19 -0000
***************
*** 258,263 ****
--- 258,277 ----
      edebug-form-spec
      ))
  
+ ;;;###autoload
+ (defun edebug-basic-spec (spec)
+   "Return t if SPEC uses only extant spec symbols.
+ An extant spec symbol is a symbol that is not a function and has a
+ `edebug-form-spec' property."
+   (cond ((listp spec)
+ 	 (catch 'basic
+ 	   (while spec
+ 	     (unless (edebug-basic-spec (car spec)) (throw 'basic nil))
+ 	     (setq spec (cdr spec)))
+ 	   t))
+ 	((symbolp spec)
+ 	 (unless (functionp spec) (get spec 'edebug-form-spec)))))
+ 
  ;;; Utilities
  
  ;; Define edebug-gensym - from old cl.el

[-- Attachment #3: Type: text/plain, Size: 142 bytes --]

_______________________________________________
Emacs-devel mailing list
Emacs-devel@gnu.org
http://lists.gnu.org/mailman/listinfo/emacs-devel