Bugs item #2858744, was opened at 2009-09-14 20:28 Message generated for change (Comment added) made by edg You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=111005&aid=2858744&group_id=11005
Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. >Category: Program >Group: release >Status: Closed >Resolution: Fixed Priority: 5 Private: No Submitted By: Evan Teran (eteran) Assigned to: Nobody/Anonymous (nobody) Summary: preferences.c contains a format string error Initial Comment: my original post was accidentally submitted to the patches section, Sorry if this ends up being a dup. nedit 5.5 has a format string error in preferences.c. fprintf(stderr, "Could not read additional preferences file: "); fprintf(stderr, filename); fprintf(stderr, "\n"); This _should_ be fprintf(stderr, "Could not read additional preferences file: %s\n", filename); This is crashable/exploitable (though there is little to nothing to be gained by exploited it). A demonstration of the crash is as simple as this: nedit -import "%n" ---------------------------------------------------------------------- >Comment By: Eddy De Greef (edg) Date: 2009-09-14 21:24 Message: We already had this fix in CVS. Thanks anyway. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=111005&aid=2858744&group_id=11005 -- NEdit Develop mailing list - [email protected] http://www.nedit.org/mailman/listinfo/develop
