File CVE-2024-30204.patch of Package emacs

Overview Repositories Revisions Requests Users Attributes Meta

File CVE-2024-30204.patch of Package emacs

From 6f9ea396f49cbe38c2173e0a72ba6af3e03b271c Mon Sep 17 00:00:00 2001
From: Ihor Radchenko <yantar92@posteo.net>
Date: Tue, 20 Feb 2024 12:47:24 +0300
Subject: org-latex-preview: Add protection when `untrusted-content' is non-nil

* lisp/org/org.el (org--latex-preview-when-risky): New variable
controlling how to handle LaTeX previews in Org files from untrusted
origin.
(org-latex-preview): Consult `org--latex-preview-when-risky' before
generating previews.

This patch adds a layer of protection when LaTeX preview is requested
for an email attachment, where `untrusted-content' is set to non-nil.

---
 lisp/files.el   |    8 ++++++++
 lisp/org/org.el |   19 +++++++++++++++++++
 2 files changed, 27 insertions(+)

diff --git a/lisp/files.el b/lisp/files.el
--- lisp/files.el
+++ lisp/files.el
@@ -583,6 +583,14 @@ and ignores this variable."
 		 (other :tag "Query" other))
   :group 'find-file)
 
+(defvar-local untrusted-content nil
+  "Non-nil means that current buffer originated from an untrusted source.
+Email clients and some other modes may set this non-nil to mark the
+buffer contents as untrusted.
+
+This variable might be subject to change without notice.")
+(put 'untrusted-content 'permanent-local t)
+
 (defvar enable-dir-local-variables t
   "Non-nil means enable use of directory-local variables.
 Some modes may wish to set this to nil to prevent directory-local
diff --git a/lisp/org/org.el b/lisp/org/org.el
--- lisp/org/org.el
+++ lisp/org/org.el
@@ -1077,6 +1077,24 @@ the following lines anywhere in the buff
   :package-version '(Org . "8.0")
   :type 'boolean)
 
+(defvar untrusted-content) ; defined in files.el
+(defvar org--latex-preview-when-risky nil
+  "If non-nil, enable LaTeX preview in Org buffers from unsafe source.
+
+Some specially designed LaTeX code may generate huge pdf or log files
+that may exhaust disk space.
+
+This variable controls how to handle LaTeX preview when rendering LaTeX
+fragments that originate from incoming email messages.  It has no effect
+when Org mode is unable to determine the origin of the Org buffer.
+
+An Org buffer is considered to be from unsafe source when the
+variable `untrusted-content' has a non-nil value in the buffer.
+
+If this variable is non-nil, LaTeX previews are rendered unconditionally.
+
+This variable may be renamed or changed in the future.")
+
 (defcustom org-insert-mode-line-in-empty-file nil
   "Non-nil means insert the first line setting Org mode in empty files.
 When the function `org-mode' is called interactively in an empty file, this
@@ -15827,6 +15845,7 @@ fragments in the buffer."
   (interactive "P")
   (cond
    ((not (display-graphic-p)) nil)
+   ((and untrusted-content (not org--latex-preview-when-risky)) nil)
    ;; Clear whole buffer.
    ((equal arg '(64))
     (org-clear-latex-preview (point-min) (point-max))

Places

File CVE-2024-30204.patch of Package emacs

Places