emacs-29 7100ecd7a4 1/2: Replace 'hfy-find-cmd' with 'directory-files-re

emacs-diffs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

emacs-29 7100ecd7a4 1/2: Replace 'hfy-find-cmd' with 'directory-files-re

From:	Eli Zaretskii
Subject:	emacs-29 7100ecd7a4 1/2: Replace 'hfy-find-cmd' with 'directory-files-recursively'.
Date:	Sat, 14 Jan 2023 04:11:21 -0500 (EST)

branch: emacs-29
commit 7100ecd7a472a5ff49d7c8a4b9c061a50520e93b
Author: Xi Lu <lx@shellcodes.org>
Commit: Eli Zaretskii <eliz@gnu.org>

    Replace 'hfy-find-cmd' with 'directory-files-recursively'.
    
    This removes a potential vulnerability to maliciously
    named files.  (Bug#60562)
    * lisp/htmlfontify.el (hfy-exclude-file-rules): New defcustom.
    (hfy-list-files): Reimplement using 'directory-files-recursively'.
---
 lisp/htmlfontify.el | 21 ++++++++++++++-------
 1 file changed, 14 insertions(+), 7 deletions(-)

diff --git a/lisp/htmlfontify.el b/lisp/htmlfontify.el
index c989a12d20..f05bc4e1e3 100644
--- a/lisp/htmlfontify.el
+++ b/lisp/htmlfontify.el
@@ -372,11 +372,14 @@ otherwise."
   :tag   "istext-command"
   :type  '(string))
 
-(defcustom hfy-find-cmd
-  "find . -type f \\! -name \\*~ \\! -name \\*.flc \\! -path \\*/CVS/\\*"
-  "Find command used to harvest a list of files to attempt to fontify."
-  :tag   "find-command"
-  :type  '(string))
+(defcustom hfy-exclude-file-rules
+  '("\\.flc$"
+    "/CVS/.*"
+    ".*~$"
+    "/\\.git\\(?:/.*\\)?$")
+  "Define some regular expressions to exclude files"
+  :tag "exclude-rules"
+  :type '(list string))
 
 (defcustom hfy-display-class nil
   "Display class to use to determine which display class to use when
@@ -1826,8 +1829,12 @@ Strips any leading \"./\" from each filename."
   ;;(message "hfy-list-files");;DBUG
   ;; FIXME: this changes the dir of the current buffer.  Is that right??
   (cd directory)
-  (mapcar (lambda (F) (if (string-match "^./\\(.*\\)" F) (match-string 1 F) F))
-          (split-string (shell-command-to-string hfy-find-cmd))) )
+  (cl-remove-if (lambda (f)
+                  (or (null (file-regular-p f))
+                      (seq-some (lambda (r)
+                                  (string-match r f))
+                                hfy-exclude-file-rules)))
+                (directory-files-recursively "." ".*" nil t)))
 
 ;; strip the filename off, return a directory name
 ;; not a particularly thorough implementation, but it will be

[Prev in Thread]

Current Thread

[Next in Thread]

emacs-29 updated (f102145d38 -> 435ba92ccc), Eli Zaretskii, 2023/01/14
- emacs-29 7100ecd7a4 1/2: Replace 'hfy-find-cmd' with 'directory-files-recursively'., Eli Zaretskii <=
- emacs-29 435ba92ccc 2/2: ; Fix last change in htmlfontify.el, Eli Zaretskii, 2023/01/14

Prev by Date: emacs-29 f102145d38: ; * etc/PROBLEMS: Describe problems with MuPDF 1.21. (Bug#60308)
Next by Date: emacs-29 updated (f102145d38 -> 435ba92ccc)
Previous by thread: emacs-29 updated (f102145d38 -> 435ba92ccc)
Next by thread: emacs-29 435ba92ccc 2/2: ; Fix last change in htmlfontify.el
Index(es):
- Date
- Thread