From b9ce84888150da5b335b373a390ecb0065291c61 Mon Sep 17 00:00:00 2001
From: Don HO <don.h@free.fr>
Date: Fri, 18 Jan 2019 00:40:01 +0100
Subject: [PATCH] [EU-FOSSA] Fix EXE Hijacking of gup.exe launched by Notepad++

Notepad++ launches updater (gup.exe) without checking the signature, that makes exe hacking possible.
The fix is to check updater binary's signature before launching it.
---
 PowerEditor/src/winmain.cpp | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/PowerEditor/src/winmain.cpp b/PowerEditor/src/winmain.cpp
index 84a0939d3..470b09ecf 100644
--- a/PowerEditor/src/winmain.cpp
+++ b/PowerEditor/src/winmain.cpp
@@ -29,6 +29,7 @@
 #include "Processus.h"
 #include "Win32Exception.h"	//Win32 exception
 #include "MiniDumper.h"			//Write dump files
+#include "verifySignedFile.h"
 
 typedef std::vector<generic_string> ParamVector;
 
@@ -492,12 +493,16 @@ int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE, LPSTR, int)
 	// wingup doesn't work with the obsolet security layer (API) under xp since downloadings are secured with SSL on notepad_plus_plus.org
 	winVer ver = pNppParameters->getWinVersion();
 	bool isGtXP = ver > WV_XP;
-	if (TheFirstOne && isUpExist && doUpdate && isGtXP)
+
+	bool isSignatureOK = VerifySignedLibrary(updaterFullPath.c_str(), NPP_COMPONENT_SIGNER_KEY_ID, NPP_COMPONENT_SIGNER_SUBJECT, NPP_COMPONENT_SIGNER_DISPLAY_NAME, false, false, false);
+
+	if (TheFirstOne && isUpExist && doUpdate && isGtXP && isSignatureOK)
 	{
 		if (pNppParameters->isx64())
 		{
 			updaterParams += TEXT(" -px64");
 		}
+
 		Process updater(updaterFullPath.c_str(), updaterParams.c_str(), updaterDir.c_str());
 		updater.run();