[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Emacs-diffs] emacs-25 95a5c23: * lisp/emacs-lisp/package.el (package-un
|
From: |
Artur Malabarba |
|
Subject: |
[Emacs-diffs] emacs-25 95a5c23: * lisp/emacs-lisp/package.el (package-unpack): Security check |
|
Date: |
Sat, 12 Dec 2015 21:43:51 +0000 |
branch: emacs-25
commit 95a5c23f741f42c6f68e283570cdce10b1946296
Author: Artur Malabarba <address@hidden>
Commit: Artur Malabarba <address@hidden>
* lisp/emacs-lisp/package.el (package-unpack): Security check
Check that we received the package we were offered.
---
lisp/emacs-lisp/package.el | 5 ++++-
1 files changed, 4 insertions(+), 1 deletions(-)
diff --git a/lisp/emacs-lisp/package.el b/lisp/emacs-lisp/package.el
index 3cf94ec..f60bff4 100644
--- a/lisp/emacs-lisp/package.el
+++ b/lisp/emacs-lisp/package.el
@@ -829,7 +829,10 @@ untar into a directory named DIR; otherwise, signal an
error."
(package--make-autoloads-and-stuff pkg-desc pkg-dir)
;; Update package-alist.
(let ((new-desc (package-load-descriptor pkg-dir)))
- ;; FIXME: Check that `new-desc' matches `desc'!
+ (unless (equal (package-desc-full-name new-desc)
+ (package-desc-full-name pkg-desc))
+ (error "The retrieved package (`%s') doesn't match what the archive
offered (`%s')"
+ (package-desc-full-name new-desc) (package-desc-full-name
pkg-desc)))
;; Activation has to be done before compilation, so that if we're
;; upgrading and macros have changed we load the new definitions
;; before compiling.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Emacs-diffs] emacs-25 95a5c23: * lisp/emacs-lisp/package.el (package-unpack): Security check,
Artur Malabarba <=