Mercurial > emacs
comparison lispref/functions.texi @ 47667:96b260e0ff3d
New major mode "SES" for spreadsheets.
New function (unsafep X) determines whether X is a safe Lisp form.
New support module testcover.el for coverage testing.
| author | Jonathan Yavner <jyavner@member.fsf.org> |
|---|---|
| date | Sat, 28 Sep 2002 18:45:56 +0000 |
| parents | fdabb5076442 |
| children | 23a1cea22d13 |
comparison
equal
deleted
inserted
replaced
| 47666:537f1778caaf | 47667:96b260e0ff3d |
|---|---|
| 20 * Mapping Functions:: Applying a function to each element of a list, etc. | 20 * Mapping Functions:: Applying a function to each element of a list, etc. |
| 21 * Anonymous Functions:: Lambda expressions are functions with no names. | 21 * Anonymous Functions:: Lambda expressions are functions with no names. |
| 22 * Function Cells:: Accessing or setting the function definition | 22 * Function Cells:: Accessing or setting the function definition |
| 23 of a symbol. | 23 of a symbol. |
| 24 * Inline Functions:: Defining functions that the compiler will open code. | 24 * Inline Functions:: Defining functions that the compiler will open code. |
| 25 * Function safety:: Determining whether a function is safe to call. | |
| 25 * Related Topics:: Cross-references to specific Lisp primitives | 26 * Related Topics:: Cross-references to specific Lisp primitives |
| 26 that have a special bearing on how functions work. | 27 that have a special bearing on how functions work. |
| 27 @end menu | 28 @end menu |
| 28 | 29 |
| 29 @node What Is a Function | 30 @node What Is a Function |
| 1155 do for macros. (@xref{Argument Evaluation}.) | 1156 do for macros. (@xref{Argument Evaluation}.) |
| 1156 | 1157 |
| 1157 Inline functions can be used and open-coded later on in the same file, | 1158 Inline functions can be used and open-coded later on in the same file, |
| 1158 following the definition, just like macros. | 1159 following the definition, just like macros. |
| 1159 | 1160 |
| 1161 @node Function safety | |
| 1162 @section Determining whether a function is safe to call | |
| 1163 @cindex function safety | |
| 1164 @cindex safety of functions | |
| 1165 @cindex virus detection | |
| 1166 @cindex Trojan-horse detection | |
| 1167 @cindex DDoS attacks | |
| 1168 | |
| 1169 Some major modes such as SES (see @pxref{Top,,,ses}) will call | |
| 1170 functions that are stored in user files. User files sometimes have | |
| 1171 poor pedigrees---you can get a spreadsheet from someone you've just | |
| 1172 met, or you can get one through email from someone you've never met. | |
| 1173 Such files can contain viruses and other Trojan horses that could | |
| 1174 corrupt your operating system environment, delete your files, or even | |
| 1175 turn your computer into a DDoS zombie! To avoid this terrible fate, | |
| 1176 you should not call a function whose source code is stored in a user | |
| 1177 file until you have determined that it is safe. | |
| 1178 | |
| 1179 @defun unsafep form &optional unsafep-vars | |
| 1180 Returns nil if @var{form} is a @dfn{safe} lisp expression, or returns | |
| 1181 a list that describes why it might be unsafe. The argument | |
| 1182 @var{unsafep-vars} is a list of symbols known to have temporary | |
| 1183 bindings at this point; it is mainly used for internal recursive | |
| 1184 calls. The current buffer is an implicit argument, which provides a | |
| 1185 list of buffer-local bindings. | |
| 1186 @end defun | |
| 1187 | |
| 1188 Being quick and simple, @code{unsafep} does a very light analysis and | |
| 1189 rejects many Lisp expressions that are actually safe. There are no | |
| 1190 known cases where @code{unsafep} returns nil for an unsafe expression. | |
| 1191 However, a ``safe'' Lisp expression can return a string with a | |
| 1192 @code{display} property, containing an associated Lisp expression to | |
| 1193 be executed after the string is inserted into a buffer. This | |
| 1194 associated expression can be a virus. In order to be safe, you must | |
| 1195 delete properties from all strings calculated by user code before | |
| 1196 inserting them into buffers. | |
| 1197 | |
| 1198 What is a safe Lisp expression? Basically, it's an expression that | |
| 1199 calls only built-in functions with no side effects (or only innocuous | |
| 1200 ones). Innocuous side effects include displaying messages and | |
| 1201 altering non-risky buffer-local variables (but not global variables). | |
| 1202 | |
| 1203 @table @dfn | |
| 1204 @item Safe expression | |
| 1205 @itemize | |
| 1206 @item | |
| 1207 An atom or quoted thing. | |
| 1208 @item | |
| 1209 A call to a safe function (see below), if all its arguments are | |
| 1210 safe expressions. | |
| 1211 @item | |
| 1212 One of the special forms [and, catch, cond, if, or, prog1, prog2, | |
| 1213 progn, while, unwind-protect], if all its arguments are safe. | |
| 1214 @item | |
| 1215 A form that creates temporary bindings [condition-case, dolist, | |
| 1216 dotimes, lambda, let, let*], if all args are safe and the symbols to | |
| 1217 be bound are not explicitly risky (see @pxref{File Local Variables}). | |
| 1218 @item | |
| 1219 An assignment [add-to-list, setq, push, pop], if all args are safe and | |
| 1220 the symbols to be assigned are not explicitly risky and they already | |
| 1221 have temporary or buffer-local bindings. | |
| 1222 @item | |
| 1223 One of [apply, mapc, mapcar, mapconcat] if the first argument is a | |
| 1224 safe explicit lambda and the other args are safe expressions. | |
| 1225 @end itemize | |
| 1226 | |
| 1227 @item Safe function | |
| 1228 @itemize | |
| 1229 @item | |
| 1230 A lambda containing safe expressions. | |
| 1231 @item | |
| 1232 A symbol on the list @code{safe-functions}, so the user says it's safe. | |
| 1233 @item | |
| 1234 A symbol with a non-nil @code{side-effect-free} property. | |
| 1235 @item | |
| 1236 A symbol with a non-nil @code{safe-function} property. Value t | |
| 1237 indicates a function that is safe but has innocuous side effects. | |
| 1238 Other values will someday indicate functions with classes of side | |
| 1239 effects that are not always safe. | |
| 1240 @end itemize | |
| 1241 | |
| 1242 The @code{side-effect-free} and @code{safe-function} properties are | |
| 1243 provided for built-in functions and for low-level functions and macros | |
| 1244 defined in @file{subr.el}. You can assign these properties for the | |
| 1245 functions you write. | |
| 1246 | |
| 1247 @end table | |
| 1248 | |
| 1249 | |
| 1160 @c Emacs versions prior to 19 did not have inline functions. | 1250 @c Emacs versions prior to 19 did not have inline functions. |
| 1161 | 1251 |
| 1162 @node Related Topics | 1252 @node Related Topics |
| 1163 @section Other Topics Related to Functions | 1253 @section Other Topics Related to Functions |
| 1164 | 1254 |