From: Artur Malabarba
Date: Sat, 12 Dec 2015 21:43:34 +0000 (+0000)
Subject: * lisp/emacs-lisp/package.el (package-unpack): Security check
X-Git-Tag: emacs-25.0.90~480
X-Git-Url: http://git.eshelyaron.com/gitweb/?a=commitdiff_plain;h=95a5c23f741f42c6f68e283570cdce10b1946296;p=emacs.git
* lisp/emacs-lisp/package.el (package-unpack): Security check
Check that we received the package we were offered.
---
diff --git a/lisp/emacs-lisp/package.el b/lisp/emacs-lisp/package.el
index 3cf94ec0255..f60bff4a477 100644
--- a/lisp/emacs-lisp/package.el
+++ b/lisp/emacs-lisp/package.el
@@ -829,7 +829,10 @@ untar into a directory named DIR; otherwise, signal an error."
 (package--make-autoloads-and-stuff pkg-desc pkg-dir)
 ;; Update package-alist.
 (let ((new-desc (package-load-descriptor pkg-dir)))
- ;; FIXME: Check that `new-desc' matches `desc'!
+ (unless (equal (package-desc-full-name new-desc)
+ (package-desc-full-name pkg-desc))
+ (error "The retrieved package (`%s') doesn't match what the archive offered (`%s')"
+ (package-desc-full-name new-desc) (package-desc-full-name pkg-desc)))
 ;; Activation has to be done before compilation, so that if we're
 ;; upgrading and macros have changed we load the new definitions
 ;; before compiling.
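Review bot: When the names differ, the `error` in the new `unless` fires only after the archive has been unpacked into `pkg-dir` and `package--make-autoloads-and-stuff` has run there, so the rejected package appears to stay on disk where a later scan of the package directory could still find it. Consider removing it before signalling, e.g. `(delete-directory pkg-dir 'recursive)` as the first form inside the `unless`. `package-load-descriptor` is not visible here; if it can return nil for a directory without a descriptor, `package-desc-full-name` would fail with a type error instead of this message, so a guard on `new-desc` may be worth adding. The comparison covers name and version only, which a short comment such as `;; Checks name and version only, not the package contents.` would make clear. The `let` and the enclosing `package-unpack` body continue outside the hunk.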