From 3fa8a89e76bf523cc4ea7ea1a111cb5ec8f21d4c Mon Sep 17 00:00:00 2001
From: Don Ho <don.h@free.fr>
Date: Sun, 29 Aug 2010 19:50:41 +0000
Subject: [PATCH] [BUG_FIXED] Fix a vulnerability: get full ScinLexer.dll path
 to avoid hijack.

git-svn-id: svn://svn.tuxfamily.org/svnroot/notepadplus/repository/trunk@657 f5eea248-9336-0410-98b8-ebc06183d4e3
---
 .../src/ScitillaComponent/ScintillaEditView.cpp      | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/PowerEditor/src/ScitillaComponent/ScintillaEditView.cpp b/PowerEditor/src/ScitillaComponent/ScintillaEditView.cpp
index 8b386b510..54d143929 100644
--- a/PowerEditor/src/ScitillaComponent/ScintillaEditView.cpp
+++ b/PowerEditor/src/ScitillaComponent/ScintillaEditView.cpp
@@ -22,7 +22,17 @@
 
 
 // initialize the static variable
-HINSTANCE ScintillaEditView::_hLib = ::LoadLibrary(TEXT("SciLexer.DLL"));
+
+// get full ScinLexer.dll path to avoid hijack
+TCHAR * getSciLexerFullPathName(TCHAR * moduleFileName, size_t len){
+	::GetModuleFileName(NULL, moduleFileName, len);
+	::PathRemoveFileSpec(moduleFileName);
+	::PathAppend(moduleFileName, TEXT("SciLexer.dll"));
+	return moduleFileName;
+};
+
+TCHAR moduleFileName[1024];
+HINSTANCE ScintillaEditView::_hLib = ::LoadLibrary(getSciLexerFullPathName(moduleFileName, 1024));
 int ScintillaEditView::_refCount = 0;
 UserDefineDialog ScintillaEditView::_userDefineDlg;