From 464f9cf8d6f2f877ddedb15cbecf9a1fc906875e Mon Sep 17 00:00:00 2001 From: Eshel Yaron Date: Wed, 22 Jan 2025 20:20:48 +0100 Subject: [PATCH] Minor updates --- LICENSE | 2 +- esy-publish.el | 6 +++--- ...27-emacs-aritrary-code-execution-and-how-to-avoid-it.org | 5 +++-- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/LICENSE b/LICENSE index f8b1aeb..4f6a9dd 100644 --- a/LICENSE +++ b/LICENSE @@ -1,4 +1,4 @@ -Copyright 2022-2024 Eshel Yaron +Copyright 2022-2025 Eshel Yaron Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the diff --git a/esy-publish.el b/esy-publish.el index 7efa6cf..7359654 100644 --- a/esy-publish.el +++ b/esy-publish.el @@ -1,6 +1,6 @@ ;;; esy-publish.el --- Simple Static Site Generator -*- lexical-binding:t -*- -;; Copyright (C) 2023-2024 Eshel Yaron +;; Copyright (C) 2023-2025 Eshel Yaron ;; Author: Eshel Yaron ;; Maintainer: Eshel Yaron @@ -503,7 +503,7 @@ (class . "footer")) (hr nil) "© " - (time ((class . "copyright-year")) "2024") + (time ((class . "copyright-year")) "2025") " Eshel Yaron")))) "--output"))) (apply #'call-process "texi2any" nil nil nil @@ -666,7 +666,7 @@ (class . "footer")) (hr nil) "© " - (time ((class . "copyright-year")) "2024") + (time ((class . "copyright-year")) "2025") " %a")))))))) (org-publish "all" force) (dolist (buffer (seq-uniq diff --git a/source/posts/2024-11-27-emacs-aritrary-code-execution-and-how-to-avoid-it.org b/source/posts/2024-11-27-emacs-aritrary-code-execution-and-how-to-avoid-it.org index a974c98..0462e5c 100644 --- a/source/posts/2024-11-27-emacs-aritrary-code-execution-and-how-to-avoid-it.org +++ b/source/posts/2024-11-27-emacs-aritrary-code-execution-and-how-to-avoid-it.org 
@@ -122,7 +122,8 @@ the Lisp byte-compiler in =bytecomp.el= uses to preprocess Lisp forms. In addition, Emacs ships with several built-in macros that actually do execute arbitrary code by /evaluating/ some of their arguments, no questions asked. These macros are ~static-if~, ~rx~, ~cl-eval-when~, -~eval-when-compile~, ~eval-and-compile~, and perhaps others. +~eval-when-compile~, ~eval-and-compile~, ~cl-macrolet~, and perhaps +others. Therefore, if we can nudge Emacs to expand one of these macros, we get arbitrary code execution. That's the crux of this vulnerability. @@ -216,7 +217,7 @@ variants of this issue have been surfaced in the past, but the issue, sadly, still stands. AFAICT the earliest public discussion about the security implications of Emacs Lisp macros started in August 2018, when [[https://yhetil.org/emacs/CAFXAjY5f4YfHAtZur1RAqH34UbYU56_t6t2Er0YEh1Sb7-W=hg@mail.gmail.com/][Wilfred Hughes noted]] that code completion can lead to arbitrary -code execution via macro-expansion. In October 2019, [[https://yhetil.org/emacs/CAJw81da4=R1jMJ0enx6SbO7G1rzaL61K2kqbY+jxhe=AM-3vtQ@mail.gmail.com/][Adam Plaice +code execution via macro-expansion. In October 2019, [[https://debbugs.gnu.org/cgi/bugreport.cgi?bug=37656][Adam Plaice reported]] that Flymake specifically can be used in a similar exploit. Some solutions have been floated in the discussions following these reports, but unfortunately, Emacs remains vulnerable to this very day. -- 2.39.5
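Review bot: The added `~cl-macrolet~` sits in a list introduced as macros that evaluate "some of their arguments", but the sentence does not say which part of a `cl-macrolet` form is evaluated. As far as I know it is the local macro definitions in its bindings, which are turned into functions and run while the body is expanded, so a short parenthetical would help, e.g. `~cl-macrolet~ (whose local macro definitions run during expansion of its body)`. Because the list still ends with "and perhaps others", I would also add one sentence such as `This list is illustrative, not exhaustive, so it cannot serve as a blocklist.`, so that readers do not treat filtering these names as a mitigation. The paragraph begins before this hunk and continues after it, so the wording may need adjusting to the surrounding text.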