notepad-plus-plus

History

Don Ho 686bf4fba1 Fix security flaw issue There's a security flaw for the un-installation of Notepad++ in Windows Register, the string without quotes: C:\Program Files\Notepad++\uninstall.exe, whereas it should be "C:\Program Files\Notepad++\uninstall.exe". The reason is, hacker can create a file called c:\program.exe, then Windows could interpret Files\Notepad++\uninstall.exe as the argument, so the system could run c:\program.exe. Ref: https://isc.sans.edu/diary/Help+eliminate+unquoted+path+vulnerabilities/14464 Fixed by @ozone10: Fix #10191, fix #6165, close #10369	2021-08-13 13:49:40 +02:00
..
unitTest	Fix security flaw issue	2021-08-13 13:49:40 +02:00
unitTest.expected.result	Add unit tests for function list feature	2018-04-13 12:46:03 +02:00

Don Ho 686bf4fba1 Fix security flaw issue

There's a security flaw for the un-installation of Notepad++ in Windows Register, the string without quotes:
C:\Program Files\Notepad++\uninstall.exe, whereas it should be "C:\Program Files\Notepad++\uninstall.exe".
The reason is, hacker can create a file called c:\program.exe, then Windows could interpret Files\Notepad++\uninstall.exe as the argument, so the system could run c:\program.exe. Ref:
https://isc.sans.edu/diary/Help+eliminate+unquoted+path+vulnerabilities/14464

Fixed by @ozone10:

Fix #10191, fix #6165, close #10369

2021-08-13 13:49:40 +02:00

unitTest

Fix security flaw issue

2021-08-13 13:49:40 +02:00

unitTest.expected.result

Add unit tests for function list feature

2018-04-13 12:46:03 +02:00