[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Avoiding arbitrary code execution with macroexpansion

From: Richard Stallman
Subject: Re: Avoiding arbitrary code execution with macroexpansion
Date: Sun, 19 Aug 2018 23:04:26 -0400

[[[ To any NSA and FBI agents reading my email: please consider    ]]]
[[[ whether defending the US Constitution against all enemies,     ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]

  > Using a macro that calls eval, such as eval-when-compile,
  > eval-and-compile, c-lang-defconst-eval-immediately (undoubtedly others
  > too), means anything can happen at macroexpansion time.

Can we make macroexpand detect these cases and give an error?
It would have to do a codewalk on the macro definition,
but that is doable.

Perhaps doing an flet of eval and apply would work.

Dr Richard Stallman
President, Free Software Foundation (https://gnu.org, https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)

reply via email to

[Prev in Thread] Current Thread [Next in Thread]