Commit Graph

2854 Commits (c1bf412f5737aa30f3f90ddaea57b2d8effbbea9)

Author SHA1 Message Date
Don HO c1bf412f57 [EU-FOSSA] Avoid to execute eventual hijacked binaries from Notepad++
If the same name binaries are placed in user's PC and the fake binaries path are set before the system ones:
https://superuser.com/questions/897644/how-does-windows-decide-which-executable-to-run/897645
then the fake ones are executed.
Remove these entries for avoiding to execute eventual hijacked binaries from Notepad++.
2019-01-22 00:04:06 +01:00
Don HO abf78e84b2 [EU-FOSSA] Fix loading unexpected dll as plugin issue
Unexpect behaviour: if "<NppDir>\...dll" and/or "<NppDir>\plugins\..dll" exist, they will be loaded because Notepad++ try to load "<NppDir>\pluginName\pluginName.dll" as plugin, in our case "<NppDir>\plugins\..\...dll" and "<NppDir>\plugins\.\..dll" respectively.

The fix is excluding both directories ".." & "." to not load mentionned above unwanted dll.
2019-01-19 03:30:54 +01:00
Don HO e813f0383b Fix x64 build error 2019-01-19 03:27:08 +01:00
Don HO 4421161848 [EU-FOSSA] Fix stack overflow issue while affecting "ext" field on stylers.xml 2019-01-18 23:09:00 +01:00
Don HO ccdf7d8d8b [EU-FOSSA] Fix stack overflow in XML Parsing 2019-01-18 03:50:20 +01:00
Don HO b9ce848881 [EU-FOSSA] Fix EXE Hijacking of gup.exe launched by Notepad++
Notepad++ launches updater (gup.exe) without checking the signature, that makes exe hacking possible.
The fix is to check updater binary's signature before launching it.
2019-01-18 00:40:01 +01:00
Don HO ac2ac8cb4b Fix x64 build error 2019-01-18 00:34:40 +01:00
Don HO 5b1f530204 [EU-FOSSA] Fix crash issue due to heap overflow in clipboardHistoryPanel.cpp
When the amount of clipboard data is too important, it makes crash of function WideCharToMultiByte (win32 API).
The remedy is to capture this error to prevent Notepad++ from crash.
2019-01-17 13:56:41 +01:00
Rajendra Singh 694415f8af Make exception error more clear
Close #5212
2019-01-15 09:56:41 +01:00
Don HO 0f936707a2 [EU-FOSSA] Fix a security issue: RCE via unsanitized command line in "Open containing folder"
Summary of the Issue:
A remote code execution (RCE) vulnerability was found when a user opens a crafted containing folder in the command line. Code execution is possible by injecting a & followed by system commands into the name of the folder.

Steps to reproduce:
Download the attached archive on Windows: unzip_me.zip (F404758)
Unzip it and navigate into it
Open the txt file inside with Notepad++
Go to File -> Open containing folder -> cmd

Impact statement:
Successful exploitation of this vulnerability would allow an attacker to remotely execute arbitrary commands on the victim's computer.
2019-01-14 20:20:19 +01:00
Don HO fd32585c14 List plugins in alphabetical order in Plugins Admin dialog 2019-01-14 20:02:47 +01:00
Don HO 70dee50dc7 Notepad++ 7.6.2 release Gilet Jaune Edition 2019-01-01 02:46:17 +01:00
Artem Polivanchuk 201b5afabe Update ukrainian.xml
Close #5132
2018-12-30 18:45:34 +01:00
Artem Polivanchuk e335050fbf Update belarusian.xml
Update Belarusian translation

Close #5143
2018-12-30 18:41:30 +01:00
Luca bb09cda273 Updated italian to 7.6.2
Close #5177
2018-12-30 18:18:46 +01:00
rra0137 b1285e7b1e Add Zulu localization
Close #5160
2018-12-29 12:40:35 +01:00
schnurlos 3f2126c758 Update german.xml (48503, SHA-256, ...)
Close #5172
2018-12-29 01:38:41 +01:00
yasmise 8c03066351 update japanese.xml to v7.6.2
Close #5169
2018-12-27 21:01:28 +01:00
rddim 1bc50df4e7 Update Bulgarian localization
Close #4954
2018-12-27 20:58:18 +01:00
Don HO 953919c406 Make new added SHA-256 hash features translatable 2018-12-26 00:06:04 +01:00
historicbruno a8f3ef12dc Updates rust keywords and primitive types for 2018 edition
https://doc.rust-lang.org/book/ch03-02-data-types.html
https://doc.rust-lang.org/book/appendix-01-keywords.html

Close #5159
2018-12-25 20:10:19 +01:00
Don HO 589e21151d Change the access right of folders via installer
%PROGRAMDATA%\Notepad++\plugins\ will be restricted
%PROGRAMDATA%\Notepad++\plugins\Config\ will has full access
2018-12-25 19:25:38 +01:00
Don HO 62bfef46ef Remove unused "plugins\disabled" folder 2018-12-24 02:49:30 +01:00
Don HO a76843cf65 Remove auto-completion files from the old location while update 2018-12-23 15:02:50 +01:00
Don HO 90c724ae43 Change folder location of auto-completion for zipped package 2018-12-23 04:44:48 +01:00
Don HO d6f5b7b13a Change folder location of auto-completion
from "<NPP_INST>\plugins\APIs\" to "<NPP_INST>\autoCompletion\"
2018-12-23 04:27:56 +01:00
Don HO 699b9b08ed Add Plugins Admin module into zipped package 2018-12-23 01:20:32 +01:00
Don HO 6eabece7ad Make Plugin Admin excluded from Windows XP because wingup doesn't work
under XP
2018-12-22 18:47:27 +01:00
Jon Bockhorst 4f24f81eb8 Add new feature: double click splitter resets panes to equal size
Close #5118
2018-12-20 09:51:42 +01:00
Don HO 412c5986a0 Fix a compiling error due to bad formatted ressource file. 2018-12-17 14:11:41 +01:00
Don HO a079013c22 Fix the plugin crash issue due to the inexistent path
Inexistent path %APPDATA%\Notepad++\plugins\Config\ made some plugins crash.
In this PR the folder is checked (and created if it doesn't exist) by each launch of Notepad++.
2018-12-17 10:16:01 +01:00
Don HO 647651b7ee Add generation of SHA-256 hash feature 2018-12-16 20:14:30 +01:00
Don HO e7b04a6a1a Notepad++ 7.6.1 release 2018-12-13 02:37:11 +01:00
Don HO b709bc9f1b Fix installer's plugins copy issue under Linux (by using WINE) 2018-12-11 18:50:57 +01:00
Don HO e9563aeb8c Remove unecessary message boxes from some NPPM API 2018-12-09 22:29:34 +01:00
Tmp341 6c6a4d5bbd Updated Turkish.xml
Updated after english.xml [fab3db5](fab3db50df (diff-2a8496e2537c34b95cbeca007cd2346b)) and [1719000](17190009bf (diff-2a8496e2537c34b95cbeca007cd2346b)) commits.
Close #4960
2018-12-09 16:06:12 +01:00
Rajendra Singh 6c73e5cba7 Fixed printer header footer font issue
Fix #4749, close #5003
2018-12-09 16:02:03 +01:00
xomx 9175b55ff0 Update Czech Translation
Update czech.xml for Plugins Admin

Close #5106
2018-12-09 15:54:33 +01:00
Christian Grasser 0686435d1a Fix invalid xml syntax issue from #4572
Close #5112
2018-12-09 15:50:23 +01:00
KOLANICH 41fa7f6d95 Add and reorder keywords in Python
Added nonlocal and moved async and await according to lexicographical order
2018-12-09 15:42:30 +01:00
Don HO 03daf5559e Make installer more coherent for the option doLocalConf.xml
If the install path is under %PROGRAMFILE% then option to copy doLocalConf.xml will be unchecked and disabled.
2018-12-08 17:33:03 +01:00
Don HO 15ef9bd052 Change nppPluginList.dll installation locaion
From %LOCALAPPDATA%\Ntepad++\plugins\Config\ to %PROGRAMDATA%\Ntepad++\plugins\Config\
2018-12-06 02:31:39 +01:00
Don HO 775d204ef9 Change loading plugin list location
Loading plugin list location is changed from %LOCALAPPDATA%\Notepad++\plugins\Config\ to
%PROGRAMDATA%\Notepad++\plugins\Config\

Enhance API NPPM_GETPLUGINSCONFIGDIR
2018-12-04 13:38:25 +01:00
Kovra 4f67c09859 Make text display right in summary panel
Close #5037

User @buggalicious found the summary text is displaying a count of characters without line endings not blanks.
Patch should address #3849 by updating the text to describe what is actually being counted.
2018-12-03 03:09:31 +01:00
Brad G 184a6f6ce5 PHP: Add styler entry for complex variables
Close #5066
2018-12-03 02:39:06 +01:00
0017031 d7507013e0 Enhance pluginsAdmin.h
use _TCHAR and _istdigit() to avoid wchar/char mismatch, and possible undefined behavior.
https://en.cppreference.com/w/cpp/string/byte/isdigit

Close #5067
2018-12-03 02:11:30 +01:00
mogu1121 b4f012985f Add new JavaScript API for auto-completion
Close #5023
2018-12-03 00:55:06 +01:00
Christian Grasser 678321df97 Merge branch 'chcg-xml_syntax_issues' 2018-12-02 23:58:55 +01:00
Christian Grasser ef29c78945 Merge branch 'xml_syntax_issues' of https://github.com/chcg/notepad-plus-plus into chcg-xml_syntax_issues
checked all files of the APIs dir for xml syntax issues and corrected the invalid files

Tested with plugin tools and checked also against https://www.xmlvalidation.com/

The current invalid xml syntax seems to have no bad influence on the functionality of the files.
2018-12-02 23:55:27 +01:00
bubbajdf f632002c62 Fix a entry of Pig latin
Corrected GENERAL to ENERALGAY
Close #5069
2018-12-02 23:37:16 +01:00