Get the latest tech news
Emacs arbitrary code execution and how to avoid it
A post by Eshel Yaron with details and advice about a long standing arbitrary code execution vulnerability in Emacs
This makes such meta-programming fun and easy, especially in comparison to the experience of writing elaborate C preprocessor macros, for example, which often feels a bit hackish. In addition, Emacs ships with several built-in macros that actually do execute arbitrary code by evaluating some of their arguments, no questions asked. I’ve come to discover this issue while working on an enhancement for ELisp mode, which employed macro-expansion to provide semantic code highlighting.
Or read this on Hacker News