Bugs item #2858744, was opened at 2009-09-14 13:28 Message generated for change (Tracker Item Submitted) made by eteran You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=111005&aid=2858744&group_id=11005
Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: Evan Teran (eteran) Assigned to: Nobody/Anonymous (nobody) Summary: preferences.c contains a format string error Initial Comment: my original post was accidentally submitted to the patches section, Sorry if this ends up being a dup. nedit 5.5 has a format string error in preferences.c. fprintf(stderr, "Could not read additional preferences file: "); fprintf(stderr, filename); fprintf(stderr, "\n"); This _should_ be fprintf(stderr, "Could not read additional preferences file: %s\n", filename); This is crashable/exploitable (though there is little to nothing to be gained by exploited it). A demonstration of the crash is as simple as this: nedit -import "%n" ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=111005&aid=2858744&group_id=11005 -- NEdit Develop mailing list - [email protected] http://www.nedit.org/mailman/listinfo/develop
