Use unsafep to check for theme safety.

* cus-face.el (custom-theme-set-faces): Mark as a safe function.

* custom.el (custom-theme-set-variables): Mark as a safe function.
(load-theme): Check forms using unsafep.

diff --git a/lisp/ChangeLog b/lisp/ChangeLog
index 9529d85c89beed35376734e4c6610907d6c9da71..30fc5c29f7b85b9daf557169b0775f7a2baafc88 100644 (file)
--- a/lisp/ChangeLog
+++ b/lisp/ChangeLog
@@ -1,3 +1,10 @@
+2010-10-18  Chong Yidong  <cyd@stupidchicken.com>
+
+       * custom.el (custom-theme-set-variables): Mark as a safe function.
+       (load-theme): Check forms using unsafep.
+
+       * cus-face.el (custom-theme-set-faces): Mark as a safe function.
+
 2010-10-17  Agustín Martín  <agustin.martin@hispalinux.es>
 
        * textmodes/ispell.el (ispell-aspell-find-dictionary): Fix

diff --git a/lisp/cus-face.el b/lisp/cus-face.el
index ebb20012afa1c68bc0456ee1d877c6901fddabf4..fd6db787d32faf94effcb67542a6429ad0742668 100644 (file)
--- a/lisp/cus-face.el
+++ b/lisp/cus-face.el
@@ -349,6 +349,8 @@ FACE's list property `theme-face' \(using `custom-push-theme')."
              (put face 'face-override-spec nil)
              (face-spec-set face spec t))))))))
 
+(put 'custom-theme-set-faces 'safe-function t)
+
 ;; XEmacs compability function.  In XEmacs, when you reset a Custom
 ;; Theme, you have to specify the theme to reset it to.  We just apply
 ;; the next theme.

diff --git a/lisp/custom.el b/lisp/custom.el
index 4bc230a76626da94305d24d8f5bfa22ff080cf0f..8a7739d1be423be681cbfb233e49ef3a3f3d1e74 100644 (file)
--- a/lisp/custom.el
+++ b/lisp/custom.el
@@ -993,6 +993,8 @@ in SYMBOL's list property `theme-value' \(using `custom-push-theme')."
          (and (or now (default-boundp symbol))
               (put symbol 'variable-comment comment)))))))
 
+(put 'custom-theme-set-variables 'safe-function t)
+
 \f
 ;;; Defining themes.
 
@@ -1134,32 +1136,27 @@ the theme."
     (with-temp-buffer
       (insert-file-contents fn)
       (let ((custom--inhibit-theme-enable no-enable)
-           sexp scar)
-       (while (setq sexp (let ((read-circle nil))
+           form scar)
+       (while (setq form (let ((read-circle nil))
                            (condition-case nil
                                (read (current-buffer))
                              (end-of-file nil))))
-         ;; Perform some checks on each sexp before evaluating it.
          (cond
-          ((not (listp sexp)))
-          ((eq (setq scar (car sexp)) 'deftheme)
-           (unless (eq (cadr sexp) theme)
+          ;; Check `deftheme' expressions.
+          ((eq (setq scar (car form)) 'deftheme)
+           (unless (eq (cadr form) theme)
              (error "Incorrect theme name in `deftheme'"))
-           (and (symbolp (nth 1 sexp))
-                (stringp (nth 2 sexp))
-                (eval (list scar (nth 1 sexp) (nth 2 sexp)))))
-          ((or (eq scar 'custom-theme-set-variables)
-               (eq scar 'custom-theme-set-faces))
-           (unless (equal (nth 1 sexp) `(quote ,theme))
-             (error "Incorrect theme name in theme settings"))
-           (dolist (entry (cddr sexp))
-             (unless (eq (car-safe entry) 'quote)
-               (error "Unsafe expression in theme settings")))
-           (eval sexp))
+           (and (symbolp (nth 1 form))
+                (stringp (nth 2 form))
+                (eval (list scar (nth 1 form) (nth 2 form)))))
+          ;; Check `provide-theme' expressions.
           ((and (eq scar 'provide-theme)
-                (equal (cadr sexp) `(quote ,theme))
-                (= (length sexp) 2))
-           (eval sexp))))))))
+                (equal (cadr form) `(quote ,theme))
+                (= (length form) 2))
+           (eval form))
+          ;; All other expressions need to be safe.
+          ((not (unsafep form))
+           (eval form))))))))
 
 (defun custom-theme-name-valid-p (name)
   "Return t if NAME is a valid name for a Custom theme, nil otherwise.