Mercurial > emacs
view lisp/emacs-lisp/unsafep.el @ 83004:7900111db01c
Converted display hooks to be display-local. Plus many bugfixes.
lib-src/emacsclient.c (window_change_signal): Renamed to pass_signal_to_emacs.
(init_signal): Pass SIGINT and SIGQUIT to the emacs process.
lisp/faces.el (face-valid-attribute-values): Use the window-system
function, not the variable.
(read-face-attribute, face-spec-set-match-display, frame-set-background-mode)
(face-set-after-frame-default): Ditto.
lisp/frame.el (make-frame-on-tty): Added interactive declaration
(suggested by Robert J. Chassell). Use tty-create-frame-with-faces,
not make-terminal-frame.
src/termhooks.h (struct display_method): Renamed to display for brevity.
(struct display): Added all display hook variables as members of this structure.
Added next_display, reference_count, type and display_info components.
(FRAME_MUST_WRITE_SPACES, FRAME_FAST_CLEAR_END_OF_LINE, FRAME_LINE_INS_DEL_OK)
(FRAME_CHAR_INS_DEL_OK, FRAME_SCROLL_REGION_OK, FRAME_SCROLL_REGION_COST)
(FRAME_MEMORY_BELOW_FRAME, FRAME_RIF): Updated for struct display.
(FRAME_DISPLAY): New macro.
(create_display, delete_display): New prototypes.
src/frame.h (struct frame): Added `display' member, removed display_method.
(FRAME_LIVE_P): Look at f->display, not f->output_data.
src/termchar.h (struct tty_display_info): Removed display_method component.
(FRAME_TTY): Use the display structure, not output_data.
src/term.c (display_list): New variable.
(cursor_to_hook, raw_cursor_to_hook, clear_to_end_hook, clear_frame_hook)
(clear_end_of_line_hook, ins_del_lines_hook, delete_glyphs_hook)
(ring_bell_hook, reset_terminal_modes_hook, set_terminal_modes_hook)
(update_begin_hook, update_end_hook, set_terminal_window_hook)
(insert_glyphs_hook, write_glyphs_hook, delete_glyphs_hoo, read_socket_hook)
(frame_up_to_date_hook, mouse_position_hook, frame_rehighlight_hook)
(frame_raise_lower_hook, set_vertical_scroll_bar_hook, condemn_scroll_bars_hook)
(redeem_scroll_bar_hook, judge_scroll_bars_hook): Moved to struct display.
(tty_display_method_template): Removed.
(syms_of_term): Don't initialize tty_display_method_template.
(ring_bell, set_terminal_modes, reset_terminal_modes, update_begin)
(update_end, set_terminal_window, cursor_to, raw_cursor_to, clear_to_end)
(clear_frame, clear_end_of_line, write_glyphs, insert_glyphs)
(delete_glyphs, ins_del_lines): Access display hooks through the frame pointer.
(Ftty_display_color_p): Use the frame given as a parameter, or else return nil.
(Ftty_display_color_cells): Ditto.
(get_named_tty): Renamed to get_named_tty_display, changed return type to struct display.
(term_dummy_init): Renamed to initial_term_init. Create and return an initial display.
(term_init): Initialize a new struct display and return a pointer to
it instead of tty_display_info. Removed frame initialization kludge.
(Fdelete_tty): Updated for struct display.
(delete_tty): The parameter type is now struct display, not tty_display_info.
Delete the display, too.
(create_tty_output): New function for creating tty_output structures.
(delete_tty_output): New function for deleting tty_output structures.
(create_display): New function for creating and registering display structures.
(delete_display): New function for deleting and unregistering display structures.
src/dispextern.h: Updated prototypes.
src/dispnew.c: Include frame.h before termhooks.h.
(init_display): Updated term_init call to new signature.
src/emacs.c: Include frame.h (for termhooks.h).
src/keymap.c: Ditto.
src/lread.c: Ditto.
src/xsmfns.c: Ditto.
src/process.c: Include frame.h before termhooks.h.
src/frame.c (Fwindow_system): New function.
(syms_of_frame): Initialize it.
(make_terminal_frame): Open the terminal device before creating the new frame.
Disable scrollbars here, term_init cannot do that anymore.
(Fdelete_frame): Use the new delete_frame_hook, don't do display-specific
frame deletion here. Ditto for delete_display_hook.
(Fmouse_position, Fmouse_pixel_position, Fraise_frame, Flower_frame)
(Fredirect_frame_focus): Access display hooks through the frame pointer.
src/keyboard.c: Include frame.h before termhooks.h.
(start_polling, input_polling_used, stop_polling, gobble_input): Ignore read_socket_hook.
(kbd_buffer_get_event, Fset_input_mode): Access display hooks through the frame pointer.
(read_avail_input): Loop through all display devices for and call all read_socket_hook functions. Check ttys even if read_socket_hook returned an error.
src/sysdep.c (discard_tty_input): Ignore read_socket_hook.
(stuff_char): Don't do anything if the current frame is not on a termcap display.
(request_sigio, unrequest_sigio): Ignore read_socket_hook.
(init_sys_modes): Always call narrow_foreground_group. Set up terminal modes and sigio even under X.
src/xdisp.c (message2_nolog, message3_nolog, redisplay_internal)
(set_vertical_scroll_bar, redisplay_window): Access display hooks through the frame pointer.
(echo_area_display): Don't be afraid of termcap frames during an X+tty combo session.
src/xfaces.c: Include termhooks.h.
(Ftty_supports_face_attributes_p): Use the given frame, not selected_frame.
src/xfns.c (x_set_scroll_bar_foreground, x_set_scroll_bar_background): Access display hooks through the frame pointer.
(Fx_create_frame, x_create_tip_frame): Initialize the frame's display structure.
src/xmenu.c: Include termhooks.h after frame.h.
src/xselect.c (x_own_selection, some_frame_on_display, x_get_foreign_selection)
(Fx_disown_selection_internal, Fx_get_cut_buffer_internal)
(Fx_store_cut_buffer_internal, Fx_rotate_cut_buffers_internal): Don't do anything
if the selected frame is not an X frame.
src/xterm.c (x_display_method): Removed.
(x_create_frame_display, x_delete_frame_display): New functions for handling struct display objects.
(x_term_init): Set up a new struct display object, too.
(x_delete_display): Delete the struct display corresponding to the X display.
(x_initialize): Moved hook initialization to x_create_frame_display.
src/xterm.h (x_display_method): Removed.
(struct x_display_info): Added frame_display component.
git-archimport-id: lorentey@elte.hu--2004/emacs--multi-tty--0--patch-44
| author | Karoly Lorentey <lorentey@elte.hu> |
|---|---|
| date | Mon, 05 Jan 2004 05:54:35 +0000 |
| parents | 695cf19ef79e |
| children | 18a818a2ee7c 375f2633d815 |
line wrap: on
line source
;;;; unsafep.el -- Determine whether a Lisp form is safe to evaluate ;; Copyright (C)2002 Free Software Foundation, Inc. ;; Author: Jonathan Yavner <jyavner@member.fsf.org> ;; Maintainer: Jonathan Yavner <jyavner@member.fsf.org> ;; Keywords: safety lisp utility ;; This file is part of GNU Emacs. ;; GNU Emacs is free software; you can redistribute it and/or modify ;; it under the terms of the GNU General Public License as published by ;; the Free Software Foundation; either version 2, or (at your option) ;; any later version. ;; GNU Emacs is distributed in the hope that it will be useful, ;; but WITHOUT ANY WARRANTY; without even the implied warranty of ;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ;; GNU General Public License for more details. ;; You should have received a copy of the GNU General Public License ;; along with GNU Emacs; see the file COPYING. If not, write to the ;; Free Software Foundation, Inc., 59 Temple Place - Suite 330, ;; Boston, MA 02111-1307, USA. ;;; Commentary: ;; This is a simplistic implementation that does not allow any modification of ;; buffers or global variables. It does no dataflow analysis, so functions ;; like `funcall' and `setcar' are completely disallowed. It is designed ;; for "pure Lisp" formulas, like those in spreadsheets, that don't make any ;; use of the text editing capabilities of Emacs. ;; A formula is safe if: ;; 1. It's an atom. ;; 2. It's a function call to a safe function and all arguments are safe ;; formulas. ;; 3. It's a special form whose arguments are like a function's (and, ;; catch, if, or, prog1, prog2, progn, while, unwind-protect). ;; 4. It's a special form or macro that creates safe temporary bindings ;; (condition-case, dolist, dotimes, lambda, let, let*). ;; 4. It's one of (cond, quote) that have special parsing. ;; 5. It's one of (add-to-list, setq, push, pop) and the assignment variable ;; is safe. ;; 6. It's one of (apply, mapc, mapcar, mapconcat) and its first arg is a ;; quoted safe function. ;; ;; A function is safe if: ;; 1. It's a lambda containing safe formulas. ;; 2. It's a member of list `safe-functions', so the user says it's safe. ;; 3. It's a symbol with the `side-effect-free' property, defined by the ;; byte compiler or function author. ;; 4. It's a symbol with the `safe-function' property, defined here or by ;; the function author. Value t indicates a function that is safe but ;; has innocuous side effects. Other values will someday indicate ;; functions with side effects that are not always safe. ;; The `side-effect-free' and `safe-function' properties are provided for ;; built-in functions and for functions and macros defined in subr.el. ;; ;; A temporary binding is unsafe if its symbol: ;; 1. Has the `risky-local-variable' property. ;; 2. Has a name that ends with -command, font-lock-keywords(-[0-9]+)?, ;; font-lock-syntactic-keywords, -form, -forms, -frame-alist, -function, ;; -functions, -history, -hook, -hooks, -map, -map-alist, -mode-alist, ;; -predicate, or -program. ;; ;; An assignment variable is unsafe if: ;; 1. It would be unsafe as a temporary binding. ;; 2. It doesn't already have a temporary or buffer-local binding. ;; There are unsafe forms that `unsafep' cannot detect. Beware of these: ;; 1. The form's result is a string with a display property containing a ;; form to be evaluated later, and you insert this result into a ;; buffer. Always remove display properties before inserting! ;; 2. The form alters a risky variable that was recently added to Emacs and ;; is not yet marked with the `risky-local-variable' property. ;; 3. The form uses undocumented features of built-in functions that have ;; the `side-effect-free' property. For example, in Emacs-20 if you ;; passed a circular list to `assoc', Emacs would crash. Historically, ;; problems of this kind have been few and short-lived. (provide 'unsafep) (require 'byte-opt) ;Set up the `side-effect-free' properties (defcustom safe-functions nil "t to disable `unsafep', or a list of assumed-safe functions." :group 'lisp :type '(choice (const :tag "No" nil) (const :tag "Yes" t) hook)) (defvar unsafep-vars nil "Dynamically-bound list of variables with lexical bindings at this point in the parse.") (put 'unsafep-vars 'risky-local-variable t) ;;Side-effect-free functions from subr.el (dolist (x '(assoc-default assoc-ignore-case butlast last match-string match-string-no-properties member-ignore-case remove remq)) (put x 'side-effect-free t)) ;;Other safe functions (dolist (x '(;;Special forms and catch if or prog1 prog2 progn while unwind-protect ;;Safe subrs that have some side-effects ding error message minibuffer-message random read-minibuffer signal sleep-for string-match throw y-or-n-p yes-or-no-p ;;Defsubst functions from subr.el caar cadr cdar cddr ;;Macros from subr.el save-match-data unless when with-temp-message ;;Functions from subr.el that have side effects read-passwd split-string replace-regexp-in-string play-sound-file)) (put x 'safe-function t)) ;;;###autoload (defun unsafep (form &optional unsafep-vars) "Return nil if evaluating FORM couldn't possibly do any harm; otherwise result is a reason why FORM is unsafe. UNSAFEP-VARS is a list of symbols with local bindings." (catch 'unsafep (if (or (eq safe-functions t) ;User turned off safety-checking (atom form)) ;Atoms are never unsafe (throw 'unsafep nil)) (let* ((fun (car form)) (reason (unsafep-function fun)) arg) (cond ((not reason) ;;It's a normal function - unsafe if any arg is (unsafep-progn (cdr form))) ((eq fun 'quote) ;;Never unsafe nil) ((memq fun '(apply mapc mapcar mapconcat)) ;;Unsafe if 1st arg isn't a quoted lambda (setq arg (cadr form)) (cond ((memq (car-safe arg) '(quote function)) (setq reason (unsafep-function (cadr arg)))) ((eq (car-safe arg) 'lambda) ;;Self-quoting lambda (setq reason (unsafep arg unsafep-vars))) (t (setq reason `(unquoted ,arg)))) (or reason (unsafep-progn (cddr form)))) ((eq fun 'lambda) ;;First arg is temporary bindings (mapc #'(lambda (x) (let ((y (unsafep-variable x t))) (if y (throw 'unsafep y))) (or (memq x '(&optional &rest)) (push x unsafep-vars))) (cadr form)) (unsafep-progn (cddr form))) ((eq fun 'let) ;;Creates temporary bindings in one step (setq unsafep-vars (nconc (mapcar #'unsafep-let (cadr form)) unsafep-vars)) (unsafep-progn (cddr form))) ((eq fun 'let*) ;;Creates temporary bindings iteratively (dolist (x (cadr form)) (push (unsafep-let x) unsafep-vars)) (unsafep-progn (cddr form))) ((eq fun 'setq) ;;Safe if odd arguments are local-var syms, evens are safe exprs (setq arg (cdr form)) (while arg (setq reason (or (unsafep-variable (car arg) nil) (unsafep (cadr arg) unsafep-vars))) (if reason (throw 'unsafep reason)) (setq arg (cddr arg)))) ((eq fun 'pop) ;;safe if arg is local-var sym (unsafep-variable (cadr form) nil)) ((eq fun 'push) ;;Safe if 2nd arg is a local-var sym (or (unsafep (cadr form) unsafep-vars) (unsafep-variable (nth 2 form) nil))) ((eq fun 'add-to-list) ;;Safe if first arg is a quoted local-var sym (setq arg (cadr form)) (if (not (eq (car-safe arg) 'quote)) `(unquoted ,arg) (or (unsafep-variable (cadr arg) nil) (unsafep-progn (cddr form))))) ((eq fun 'cond) ;;Special form with unusual syntax - safe if all args are (dolist (x (cdr form)) (setq reason (unsafep-progn x)) (if reason (throw 'unsafep reason)))) ((memq fun '(dolist dotimes)) ;;Safe if COUNT and RESULT are safe. VAR is bound while checking BODY. (setq arg (cadr form)) (or (unsafep-progn (cdr arg)) (let ((unsafep-vars (cons (car arg) unsafep-vars))) (unsafep-progn (cddr form))))) ((eq fun 'condition-case) ;;Special form with unusual syntax - safe if all args are (or (unsafep-variable (cadr form) t) (unsafep (nth 2 form) unsafep-vars) (let ((unsafep-vars (cons (cadr form) unsafep-vars))) ;;var is bound only during handlers (dolist (x (nthcdr 3 form)) (setq reason (unsafep-progn (cdr x))) (if reason (throw 'unsafep reason)))))) (t ;;First unsafep-function call above wasn't nil, no special case applies reason))))) (defun unsafep-function (fun) "Return nil if FUN is a safe function \(either a safe lambda or a symbol that names a safe function). Otherwise result is a reason code." (cond ((eq (car-safe fun) 'lambda) (unsafep fun unsafep-vars)) ((not (and (symbolp fun) (or (get fun 'side-effect-free) (eq (get fun 'safe-function) t) (eq safe-functions t) (memq fun safe-functions)))) `(function ,fun)))) (defun unsafep-progn (list) "Return nil if all forms in LIST are safe, or the reason for the first unsafe form." (catch 'unsafep-progn (let (reason) (dolist (x list) (setq reason (unsafep x unsafep-vars)) (if reason (throw 'unsafep-progn reason)))))) (defun unsafep-let (clause) "CLAUSE is a let-binding, either SYM or (SYM) or (SYM VAL). Checks VAL and throws a reason to `unsafep' if unsafe. Returns SYM." (let (reason sym) (if (atom clause) (setq sym clause) (setq sym (car clause) reason (unsafep (cadr clause) unsafep-vars))) (setq reason (or (unsafep-variable sym t) reason)) (if reason (throw 'unsafep reason)) sym)) (defun unsafep-variable (sym global-okay) "Returns nil if SYM is safe as a let-binding sym \(because it already has a temporary binding or is a non-risky buffer-local variable), otherwise a reason why it is unsafe. Failing to be locally bound is okay if GLOBAL-OKAY is non-nil." (cond ((not (symbolp sym)) `(variable ,sym)) ((risky-local-variable-p sym nil) `(risky-local-variable ,sym)) ((not (or global-okay (memq sym unsafep-vars) (local-variable-p sym))) `(global-variable ,sym)))) ;;; arch-tag: 6216f98b-eb8f-467a-9c33-7a7644f50658 ;; unsafep.el ends here.