; (find-function-search-for-symbol): Be cautious with macros.

author Eshel Yaron <me@eshelyaron.com>

Fri, 28 Mar 2025 16:57:35 +0000 (17:57 +0100)

committer Eshel Yaron <me@eshelyaron.com>

Fri, 28 Mar 2025 16:57:35 +0000 (17:57 +0100)
author Eshel Yaron <me@eshelyaron.com>
Fri, 28 Mar 2025 16:57:35 +0000 (17:57 +0100)
committer Eshel Yaron <me@eshelyaron.com>
Fri, 28 Mar 2025 16:57:35 +0000 (17:57 +0100)
diff --git a/lisp/emacs-lisp/find-func.el b/lisp/emacs-lisp/find-func.el

index 326232028e76960370898c8c17cff31994aee933..54e6cb30b87dbe2903c2fce05b7014826ed5107b 100644 (file)
--- a/lisp/emacs-lisp/find-func.el
+++ b/lisp/emacs-lisp/find-func.el
@@ -539,10 +539,13 @@ The search is done in the source for library LIBRARY."
                  ;; If the regexp search didn't find the location of
                  ;; the symbol (for example, because it is generated by
                  ;; a macro), try a slightly more expensive search that
-                ;; expands macros until it finds the symbol.
+                ;; expands macros until it finds the symbol.  Since
+                ;; macro-expansion involves arbitrary code execution,
+                ;; only attempt it in trusted buffers.
                  (cons (current-buffer)
-                      (find-function--search-by-expanding-macros
-                       (current-buffer) symbol type))))))))))
+                      (when (trusted-content-p)
+                        (find-function--search-by-expanding-macros
+                         (current-buffer) symbol type)))))))))))
  
  (defun find-function--try-macroexpand (form)
    "Try to macroexpand FORM in full or partially.
author	Eshel Yaron <me@eshelyaron.com>
	Fri, 28 Mar 2025 16:57:35 +0000 (17:57 +0100)
committer	Eshel Yaron <me@eshelyaron.com>
	Fri, 28 Mar 2025 16:57:35 +0000 (17:57 +0100)