From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED.blaine.gmane.org!not-for-mail From: Eli Zaretskii Newsgroups: gmane.emacs.bugs Subject: bug#37656: 27.0.50; Arbitrary code execution with special `mode:' Date: Wed, 16 Oct 2019 10:58:06 +0300 Message-ID: <838splf7g1.fsf@gnu.org> References: Injection-Info: blaine.gmane.org; posting-host="blaine.gmane.org:195.159.176.226"; logging-data="23802"; mail-complaints-to="usenet@blaine.gmane.org" Cc: 37656@debbugs.gnu.org, plaice.adam+lists@gmail.com To: Stefan Kangas Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Wed Oct 16 09:59:14 2019 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([209.51.188.17]) by blaine.gmane.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from ) id 1iKeDA-00065T-BV for geb-bug-gnu-emacs@m.gmane.org; Wed, 16 Oct 2019 09:59:12 +0200 Original-Received: from localhost ([::1]:38660 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iKeD8-0007GN-U4 for geb-bug-gnu-emacs@m.gmane.org; Wed, 16 Oct 2019 03:59:10 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:42074) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iKeD3-0007Dm-Kz for bug-gnu-emacs@gnu.org; Wed, 16 Oct 2019 03:59:06 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iKeD1-0006Hs-LY for bug-gnu-emacs@gnu.org; Wed, 16 Oct 2019 03:59:05 -0400 Original-Received: from debbugs.gnu.org ([209.51.188.43]:36355) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1iKeD0-0006HR-5j for bug-gnu-emacs@gnu.org; Wed, 16 Oct 2019 03:59:03 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1iKeD0-0006vH-2C for bug-gnu-emacs@gnu.org; Wed, 16 Oct 2019 03:59:02 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Eli Zaretskii Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Wed, 16 Oct 2019 07:59:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 37656 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: security Original-Received: via spool by 37656-submit@debbugs.gnu.org id=B37656.157121271226574 (code B ref 37656); Wed, 16 Oct 2019 07:59:02 +0000 Original-Received: (at 37656) by debbugs.gnu.org; 16 Oct 2019 07:58:32 +0000 Original-Received: from localhost ([127.0.0.1]:45176 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1iKeCW-0006uY-4p for submit@debbugs.gnu.org; Wed, 16 Oct 2019 03:58:32 -0400 Original-Received: from eggs.gnu.org ([209.51.188.92]:32912) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1iKeCU-0006uH-4F for 37656@debbugs.gnu.org; Wed, 16 Oct 2019 03:58:30 -0400 Original-Received: from fencepost.gnu.org ([2001:470:142:3::e]:37333) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1iKeCO-0006A2-TS; Wed, 16 Oct 2019 03:58:24 -0400 Original-Received: from [176.228.60.248] (port=3943 helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1iKeCN-0007EI-Ph; Wed, 16 Oct 2019 03:58:24 -0400 In-reply-to: (message from Stefan Kangas on Wed, 16 Oct 2019 01:17:51 +0200) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.51.188.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.org gmane.emacs.bugs:169423 Archived-At: > From: Stefan Kangas > Date: Wed, 16 Oct 2019 01:17:51 +0200 > Cc: 37656@debbugs.gnu.org, Emacs developers > > The "multiple mode specification feature" dates back to: > 9fa7bfe524 1993-09-11 Richard M. Stallman > (hack-local-variables-prop-line): Ignore any specification > for `mode:', since set-auto-mode has already handled it. > (set-auto-mode): Clean up. Handle more than one `mode:' spec in -*-. > > The code that my proposed patch changes has stayed untouched since > this 1993 commit. If we agree that disabling this feature is the > solution here, a backported security fix should therefore hopefully be > a one liner all the way back to version 22.1. This feature was described as "deprecated", but where and why did we deprecate it?