[Bug] Notepad++ 'C' and 'CPP' File Handling Remote Stack Buffer Overflow Vulnerability
Reported by Jocelyn Legault | October 9th, 2009 @ 12:12 AM | in v1.0.0
Repro steps:
See this Security Focus entry.
Comments and changes to this ticket
-
Jocelyn Legault October 14th, 2009 @ 11:00 PM
- Assigned user set to “npp-community”
-
Jocelyn Legault October 24th, 2009 @ 05:45 AM
- Assigned user changed from “npp-community” to “Jocelyn Legault”
- State changed from “new” to “open”
-
Jocelyn Legault November 5th, 2009 @ 10:32 PM
- State changed from “open” to “invalid”
This exploit isn't reproducible in N++CR. While N++ strains terribly under the load (we're loading a 100MB file after all!) it does not crash or throws any exception.
It's my opinion that the secure form of the str functions being used in this version shields it from this particular problem.
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create new ticket
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
Notepad++ Community Release
Jocelyn Legault
npp-community