Mercurial > emacs
comparison lispref/functions.texi @ 47667:96b260e0ff3d
New major mode "SES" for spreadsheets.
New function (unsafep X) determines whether X is a safe Lisp form.
New support module testcover.el for coverage testing.
author | Jonathan Yavner <jyavner@member.fsf.org> |
---|---|
date | Sat, 28 Sep 2002 18:45:56 +0000 |
parents | fdabb5076442 |
children | 23a1cea22d13 |
47666:537f1778caaf | 47667:96b260e0ff3d |
---|---|
20 * Mapping Functions:: Applying a function to each element of a list, etc. | 20 * Mapping Functions:: Applying a function to each element of a list, etc. |
21 * Anonymous Functions:: Lambda expressions are functions with no names. | 21 * Anonymous Functions:: Lambda expressions are functions with no names. |
22 * Function Cells:: Accessing or setting the function definition | 22 * Function Cells:: Accessing or setting the function definition |
23 of a symbol. | 23 of a symbol. |
24 * Inline Functions:: Defining functions that the compiler will open code. | 24 * Inline Functions:: Defining functions that the compiler will open code. |
25 * Function safety:: Determining whether a function is safe to call. | |
25 * Related Topics:: Cross-references to specific Lisp primitives | 26 * Related Topics:: Cross-references to specific Lisp primitives |
26 that have a special bearing on how functions work. | 27 that have a special bearing on how functions work. |
27 @end menu | 28 @end menu |
28 | 29 |
29 @node What Is a Function | 30 @node What Is a Function |
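Review bot: The new menu entry at new line 25, `Function safety`, is the only node name in this menu that is not in title case (compare `Mapping Functions`, `Inline Functions`, `Related Topics`). Rename it to `Function Safety` here and in the matching `@node` line at 1161 so the menu and any later cross-references to the node agree.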
1155 do for macros. (@xref{Argument Evaluation}.) | 1156 do for macros. (@xref{Argument Evaluation}.) |
1156 | 1157 |
1157 Inline functions can be used and open-coded later on in the same file, | 1158 Inline functions can be used and open-coded later on in the same file, |
1158 following the definition, just like macros. | 1159 following the definition, just like macros. |
1159 | 1160 |
1161 @node Function safety | |
1162 @section Determining whether a function is safe to call | |
1163 @cindex function safety | |
1164 @cindex safety of functions | |
1165 @cindex virus detection | |
1166 @cindex Trojan-horse detection | |
1167 @cindex DDoS attacks | |
1168 | |
1169 Some major modes such as SES (see @pxref{Top,,,ses}) will call | |
1170 functions that are stored in user files. User files sometimes have | |
1171 poor pedigrees---you can get a spreadsheet from someone you've just | |
1172 met, or you can get one through email from someone you've never met. | |
1173 Such files can contain viruses and other Trojan horses that could | |
1174 corrupt your operating system environment, delete your files, or even | |
1175 turn your computer into a DDoS zombie! To avoid this terrible fate, | |
1176 you should not call a function whose source code is stored in a user | |
1177 file until you have determined that it is safe. | |
1178 | |
1179 @defun unsafep form &optional unsafep-vars | |
1180 Returns nil if @var{form} is a @dfn{safe} lisp expression, or returns | |
1181 a list that describes why it might be unsafe. The argument | |
1182 @var{unsafep-vars} is a list of symbols known to have temporary | |
1183 bindings at this point; it is mainly used for internal recursive | |
1184 calls. The current buffer is an implicit argument, which provides a | |
1185 list of buffer-local bindings. | |
1186 @end defun | |
1187 | |
1188 Being quick and simple, @code{unsafep} does a very light analysis and | |
1189 rejects many Lisp expressions that are actually safe. There are no | |
1190 known cases where @code{unsafep} returns nil for an unsafe expression. | |
1191 However, a ``safe'' Lisp expression can return a string with a | |
1192 @code{display} property, containing an associated Lisp expression to | |
1193 be executed after the string is inserted into a buffer. This | |
1194 associated expression can be a virus. In order to be safe, you must | |
1195 delete properties from all strings calculated by user code before | |
1196 inserting them into buffers. | |
1197 | |
1198 What is a safe Lisp expression? Basically, it's an expression that | |
1199 calls only built-in functions with no side effects (or only innocuous | |
1200 ones). Innocuous side effects include displaying messages and | |
1201 altering non-risky buffer-local variables (but not global variables). | |
1202 | |
1203 @table @dfn | |
1204 @item Safe expression | |
1205 @itemize | |
1206 @item | |
1207 An atom or quoted thing. | |
1208 @item | |
1209 A call to a safe function (see below), if all its arguments are | |
1210 safe expressions. | |
1211 @item | |
1212 One of the special forms [and, catch, cond, if, or, prog1, prog2, | |
1213 progn, while, unwind-protect], if all its arguments are safe. | |
1214 @item | |
1215 A form that creates temporary bindings [condition-case, dolist, | |
1216 dotimes, lambda, let, let*], if all args are safe and the symbols to | |
1217 be bound are not explicitly risky (see @pxref{File Local Variables}). | |
1218 @item | |
1219 An assignment [add-to-list, setq, push, pop], if all args are safe and | |
1220 the symbols to be assigned are not explicitly risky and they already | |
1221 have temporary or buffer-local bindings. | |
1222 @item | |
1223 One of [apply, mapc, mapcar, mapconcat] if the first argument is a | |
1224 safe explicit lambda and the other args are safe expressions. | |
1225 @end itemize | |
1226 | |
1227 @item Safe function | |
1228 @itemize | |
1229 @item | |
1230 A lambda containing safe expressions. | |
1231 @item | |
1232 A symbol on the list @code{safe-functions}, so the user says it's safe. | |
1233 @item | |
1234 A symbol with a non-nil @code{side-effect-free} property. | |
1235 @item | |
1236 A symbol with a non-nil @code{safe-function} property. Value t | |
1237 indicates a function that is safe but has innocuous side effects. | |
1238 Other values will someday indicate functions with classes of side | |
1239 effects that are not always safe. | |
1240 @end itemize | |
1241 | |
1242 The @code{side-effect-free} and @code{safe-function} properties are | |
1243 provided for built-in functions and for low-level functions and macros | |
1244 defined in @file{subr.el}. You can assign these properties for the | |
1245 functions you write. | |
1246 | |
1247 @end table | |
1248 | |
1249 | |
1160 @c Emacs versions prior to 19 did not have inline functions. | 1250 @c Emacs versions prior to 19 did not have inline functions. |
1161 | 1251 |
1162 @node Related Topics | 1252 @node Related Topics |
1163 @section Other Topics Related to Functions | 1253 @section Other Topics Related to Functions |
1164 | 1254 |
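Review bot: At 1169 and 1217 the text writes `see @pxref{...}`, but `@pxref` already supplies the word "see", so both references will render with the word doubled; drop the literal "see" in both places. The paragraph at 1188-1196 carries the caveat a caller most needs: a form that `unsafep` accepts can still return a string whose `display` property holds an expression that runs after insertion. That requirement currently sits in running prose after the `@defun`; move it into the `@defun` body or add a short `@example` showing the property stripping, so that a reader who looks up only the function's entry does not take a nil return as sufficient. Smaller points: `nil` at 1180 and 1190 and `t` at 1236 should be marked up with `@code`, "lisp" at 1180 should be "Lisp", and the bracketed lists of special forms and functions at 1212-1223 should use `@code` for each name. The `@cindex DDoS attacks` entry at 1167 indexes a topic the section only mentions in passing and could be dropped.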