Skip to content

Commit

Permalink
[BUG_FIXED] Fix a vulnerability: get full ScinLexer.dll path to avoid…
Browse files Browse the repository at this point in the history
… hijack.

git-svn-id: svn://svn.tuxfamily.org/svnroot/notepadplus/repository/trunk@657 f5eea248-9336-0410-98b8-ebc06183d4e3
  • Loading branch information
donho committed Aug 29, 2010
1 parent f602782 commit 3fa8a89
Showing 1 changed file with 11 additions and 1 deletion.
12 changes: 11 additions & 1 deletion PowerEditor/src/ScitillaComponent/ScintillaEditView.cpp
Expand Up @@ -22,7 +22,17 @@


// initialize the static variable
HINSTANCE ScintillaEditView::_hLib = ::LoadLibrary(TEXT("SciLexer.DLL"));

// get full ScinLexer.dll path to avoid hijack
TCHAR * getSciLexerFullPathName(TCHAR * moduleFileName, size_t len){
::GetModuleFileName(NULL, moduleFileName, len);
::PathRemoveFileSpec(moduleFileName);
::PathAppend(moduleFileName, TEXT("SciLexer.dll"));
return moduleFileName;
};

TCHAR moduleFileName[1024];
HINSTANCE ScintillaEditView::_hLib = ::LoadLibrary(getSciLexerFullPathName(moduleFileName, 1024));
int ScintillaEditView::_refCount = 0;
UserDefineDialog ScintillaEditView::_userDefineDlg;

Expand Down

0 comments on commit 3fa8a89

Please sign in to comment.