From e722b4f48c90ea6536ac7efef47f9d0f3d8cc191 Mon Sep 17 00:00:00 2001 From: David Bremner Date: Sat, 11 Sep 2021 11:04:08 -0300 Subject: [PATCH] emacs: wrap call-process Provide safe working directory --- emacs/notmuch-crypto.el | 6 +++--- emacs/notmuch-draft.el | 2 +- emacs/notmuch-lib.el | 14 +++++++++----- emacs/notmuch-mua.el | 2 +- emacs/notmuch-show.el | 6 +++--- emacs/notmuch-tag.el | 2 +- test/T450-emacs-show.sh | 1 - 7 files changed, 18 insertions(+), 15 deletions(-) diff --git a/emacs/notmuch-crypto.el b/emacs/notmuch-crypto.el index 3ffb5654..a1cf3ddd 100644 --- a/emacs/notmuch-crypto.el +++ b/emacs/notmuch-crypto.el @@ -164,7 +164,7 @@ mode." (goto-char (point-max)) (insert (format "-- Key %s in message %s:\n" fingerprint id)) - (call-process notmuch-crypto-gpg-program nil t t + (notmuch--call-process notmuch-crypto-gpg-program nil t t "--batch" "--no-tty" "--list-keys" fingerprint)) (recenter -1)))) @@ -240,9 +240,9 @@ corresponding key when the status button is pressed." (with-current-buffer buffer (goto-char (point-max)) (insert (format "--- Retrieving key %s:\n" keyid)) - (call-process notmuch-crypto-gpg-program nil t t "--recv-keys" keyid) + (notmuch--call-process notmuch-crypto-gpg-program nil t t "--recv-keys" keyid) (insert "\n") - (call-process notmuch-crypto-gpg-program nil t t "--list-keys" keyid)) + (notmuch--call-process notmuch-crypto-gpg-program nil t t "--list-keys" keyid)) (recenter -1)) (notmuch-show-refresh-view))))) diff --git a/emacs/notmuch-draft.el b/emacs/notmuch-draft.el index 0b1ba43f..fcc45503 100644 --- a/emacs/notmuch-draft.el +++ b/emacs/notmuch-draft.el @@ -249,7 +249,7 @@ applied to newly inserted messages)." (setq buffer-read-only nil) (erase-buffer) (let ((coding-system-for-read 'no-conversion)) - (call-process notmuch-command nil t nil "show" "--format=raw" id)) + (notmuch--call-process notmuch-command nil t nil "show" "--format=raw" id)) (mime-to-mml) (goto-char (point-min)) (when (re-search-forward "^$" nil t) diff --git a/emacs/notmuch-lib.el b/emacs/notmuch-lib.el index 9693185f..45817e13 100644 --- a/emacs/notmuch-lib.el +++ b/emacs/notmuch-lib.el @@ -195,7 +195,7 @@ will be signaled. Otherwise the output will be returned." (with-temp-buffer - (let ((status (apply #'call-process notmuch-command nil t nil args)) + (let ((status (apply #'notmuch--call-process notmuch-command nil t nil args)) (output (buffer-string))) (notmuch-check-exit-status status (cons notmuch-command args) output) output))) @@ -206,7 +206,7 @@ Otherwise the output will be returned." (defun notmuch-cli-sane-p () "Return t if the cli seems to be configured sanely." (unless notmuch--cli-sane-p - (let ((status (call-process notmuch-command nil nil nil + (let ((status (notmuch--call-process notmuch-command nil nil nil "config" "get" "user.primary_email"))) (setq notmuch--cli-sane-p (= status 0)))) notmuch--cli-sane-p) @@ -286,7 +286,7 @@ depending on the value of `notmuch-poll-script'." (message "Polling mail...") (if (stringp notmuch-poll-script) (unless (string-empty-p notmuch-poll-script) - (unless (equal (call-process notmuch-poll-script nil nil) 0) + (unless (equal (notmuch--call-process notmuch-poll-script nil nil) 0) (error "Notmuch: poll script `%s' failed!" notmuch-poll-script))) (notmuch-call-notmuch-process "new")) (message "Polling mail...done")) @@ -639,7 +639,7 @@ the given type." ;; charset is US-ASCII. RFC6657 ;; complicates this somewhat. 'us-ascii))))) - (apply #'call-process + (apply #'notmuch--call-process notmuch-command nil '(t nil) nil args) (buffer-string)))))) (when (and cache data) @@ -882,6 +882,10 @@ default" (notmuch--apply-with-env #'call-process-region start end program delete buffer display args)) +(defun notmuch--call-process (program &optional infile destination display &rest args) + "Wrap call-process, binding DEFAULT-DIRECTORY to a safe default" + (notmuch--apply-with-env #'call-process program infile destination display args)) + (defun notmuch-call-notmuch--helper (destination args) "Helper for synchronous notmuch invocation commands. @@ -896,7 +900,7 @@ for `call-process'. ARGS is as described for (otherwise (error "Unknown keyword argument: %s" (car args))))) (if (null stdin-string) - (apply #'call-process notmuch-command nil destination nil args) + (apply #'notmuch--call-process notmuch-command nil destination nil args) (insert stdin-string) (apply #'notmuch--call-process-region (point-min) (point-max) notmuch-command t destination nil args)))) diff --git a/emacs/notmuch-mua.el b/emacs/notmuch-mua.el index f510c043..c679373b 100644 --- a/emacs/notmuch-mua.el +++ b/emacs/notmuch-mua.el @@ -474,7 +474,7 @@ the From: address." (with-current-buffer temp-buffer (erase-buffer) (let ((coding-system-for-read 'no-conversion)) - (call-process notmuch-command nil t nil + (notmuch--call-process notmuch-command nil t nil "show" "--format=raw" id)) ;; Because we process the messages in reverse order, ;; always generate a forwarded subject, then use the diff --git a/emacs/notmuch-show.el b/emacs/notmuch-show.el index eeb0c54b..ea20ddce 100644 --- a/emacs/notmuch-show.el +++ b/emacs/notmuch-show.el @@ -279,7 +279,7 @@ position of the message in the thread." (let ((buf (generate-new-buffer (concat "*notmuch-msg-" id "*")))) (with-current-buffer buf (let ((coding-system-for-read 'no-conversion)) - (call-process notmuch-command nil t nil "show" "--format=raw" id)) + (notmuch--call-process notmuch-command nil t nil "show" "--format=raw" id)) ,@body) (kill-buffer buf))))) @@ -2034,7 +2034,7 @@ to show, nil otherwise." (pop-to-buffer-same-window buf) (erase-buffer) (let ((coding-system-for-read 'no-conversion)) - (call-process notmuch-command nil t nil "show" "--format=raw" id)) + (notmuch--call-process notmuch-command nil t nil "show" "--format=raw" id)) (goto-char (point-min)) (set-buffer-modified-p nil) (setq buffer-read-only t) @@ -2086,7 +2086,7 @@ message." ;; Use the originating buffer's working directory instead of ;; that of the pipe buffer. (cd cwd) - (let ((exit-code (call-process-shell-command shell-command nil buf))) + (let ((exit-code (notmuch--call-process-shell-command shell-command nil buf))) (goto-char (point-max)) (set-buffer-modified-p nil) (unless (zerop exit-code) diff --git a/emacs/notmuch-tag.el b/emacs/notmuch-tag.el index e3a60441..536315e9 100644 --- a/emacs/notmuch-tag.el +++ b/emacs/notmuch-tag.el @@ -397,7 +397,7 @@ Return all tags if no search terms are given." (split-string (with-output-to-string (with-current-buffer standard-output - (apply 'call-process notmuch-command nil t + (apply 'notmuch--call-process notmuch-command nil t nil "search" "--output=tags" "--exclude=false" search-terms))) "\n+" t)) diff --git a/test/T450-emacs-show.sh b/test/T450-emacs-show.sh index 03f953aa..4b5f5fde 100755 --- a/test/T450-emacs-show.sh +++ b/test/T450-emacs-show.sh @@ -238,7 +238,6 @@ test_expect_equal_file $EXPECTED/notmuch-show-decrypted-message-no-crypto OUTPUT test_begin_subtest "notmuch-show with nonexistent CWD" tid=$(notmuch search --limit=1 --output=threads '*' | sed s/thread://) -test_subtest_known_broken test_emacs "(test-log-error (let ((default-directory \"/nonexistent\")) (notmuch-show \"$tid\")))" -- 2.43.0