Fix CVE-2014-9456 (but it's not a "Security Vulnerability")

Fix Notepad++ Debug binary crash issue while opening some special files (crash after some "Assertion fail" message boxes). Only the Debug binary is impacted. There's no issue for the release binary, so it's not a "security vulnerability". Also there's no buffer overflow as the description in CVE-2014-9456. Fix notepad-plus-plus#12669
donho · Sep 2, 2024 · a9b5235 · a9b5235
1 parent a866900
commit a9b5235
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/PowerEditor/src/Notepad_plus.cpp b/PowerEditor/src/Notepad_plus.cpp
@@ -3497,12 +3497,12 @@ void Notepad_plus::addHotSpot(ScintillaEditView* view)
 				pView->execute(SCI_INDICATORCLEARRANGE, startEncoded + startPos, lenEncoded);
 			startWide += lenWide;
 			startEncoded += lenEncoded;
+
 			if ((startWide >= wideTextLen) || ((startEncoded + startPos) >= endPos))
 				break;
 		}
-		assert ((startEncoded + startPos) == endPos);
-		assert (startWide == wideTextLen);
 	}
+
 	delete[] wideText;
 }
 

diff --git a/PowerEditor/src/ScintillaComponent/FunctionCallTip.h b/PowerEditor/src/ScintillaComponent/FunctionCallTip.h
@@ -27,8 +27,8 @@ class FunctionCallTip {
 	~FunctionCallTip() {/* cleanup(); */};
 	void setLanguageXML(TiXmlElement * pXmlKeyword);	//set calltip keyword node
 	bool updateCalltip(int ch, bool needShown = false);	//Ch is character typed, or 0 if another event occured. NeedShown is true if calltip should be attempted to displayed. Return true if calltip was made visible
-	void showNextOverload();							//show next overlaoded parameters
-	void showPrevOverload();							//show prev overlaoded parameters
+	void showNextOverload();							//show next overloaded parameters
+	void showPrevOverload();							//show prev overloaded parameters
 	bool isVisible() { return _pEditView?_pEditView->execute(SCI_CALLTIPACTIVE) == TRUE:false; };	//true if calltip visible
 	void close();					//Close calltip if visible