guix-devel/gnu/packages/patches/a2ps-CVE-2015-8107.patch

https://sources.debian.org/data/main/a/a2ps/1:4.14-2/debian/patches/fix-format-security.diff

Index: b/lib/psgen.c
===================================================================
--- a/lib/psgen.c
+++ b/lib/psgen.c
@@ -232,7 +232,7 @@
     default:
       *buf = '\0';
       ps_escape_char (job, cp[i], buf);
-      output (jdiv, (char *) buf);
+      output (jdiv, "%s", (char *) buf);
       break;
     }
   }
Index: b/lib/output.c
===================================================================
--- a/lib/output.c
+++ b/lib/output.c
@@ -525,7 +525,7 @@
 		     expand_user_string (job, FIRST_FILE (job),
 					 (const uchar *) "Expand: requirement",
 					 (const uchar *) token));
-	output (dest, expansion);
+	output (dest, "%s", expansion);
 	continue;
       }
 
Index: b/lib/parseppd.y
===================================================================
--- a/lib/parseppd.y
+++ b/lib/parseppd.y
@@ -154,7 +154,7 @@
 void
 yyerror (const char *msg)
 {
-  error_at_line (1, 0, ppdfilename, ppdlineno, msg);
+  error_at_line (1, 0, ppdfilename, ppdlineno, "%s", msg);
 }
 
 /*
Index: b/src/parsessh.y
===================================================================
--- a/src/parsessh.y
+++ b/src/parsessh.y
@@ -740,7 +740,7 @@
 void
 yyerror (const char *msg)
 {
-  error_at_line (1, 0, sshfilename, sshlineno, msg);
+  error_at_line (1, 0, sshfilename, sshlineno, "%s", msg);
 }
 
 /*
Index: b/lib/parseppd.c
===================================================================
--- a/lib/parseppd.c
+++ b/lib/parseppd.c
@@ -1707,7 +1707,7 @@
 void
 yyerror (const char *msg)
 {
-  error_at_line (1, 0, ppdfilename, ppdlineno, msg);
+  error_at_line (1, 0, ppdfilename, ppdlineno, "%s", msg);
 }
 
 /*
Index: b/src/parsessh.c
===================================================================
--- a/src/parsessh.c
+++ b/src/parsessh.c
@@ -2639,7 +2639,7 @@
 void
 yyerror (const char *msg)
 {
-  error_at_line (1, 0, sshfilename, sshlineno, msg);
+  error_at_line (1, 0, sshfilename, sshlineno, "%s", msg);
 }
 
 /*
gnu: a2ps: Fix CVE-2015-8107. * gnu/packages/pretty-print.scm (a2ps)[source]: Add patch. * gnu/packages/patches/a2ps-CVE-2015-8107.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it. 2019-07-10 11:45:08 +02:00			`https://sources.debian.org/data/main/a/a2ps/1:4.14-2/debian/patches/fix-format-security.diff`

			`Index: b/lib/psgen.c`
			`===================================================================`
			`--- a/lib/psgen.c`
			`+++ b/lib/psgen.c`
			`@@ -232,7 +232,7 @@`
			`default:`
			`*buf = '\0';`
			`ps_escape_char (job, cp[i], buf);`
			`- output (jdiv, (char *) buf);`
			`+ output (jdiv, "%s", (char *) buf);`
			`break;`
			`}`
			`}`
			`Index: b/lib/output.c`
			`===================================================================`
			`--- a/lib/output.c`
			`+++ b/lib/output.c`
			`@@ -525,7 +525,7 @@`
			`expand_user_string (job, FIRST_FILE (job),`
			`(const uchar *) "Expand: requirement",`
			`(const uchar *) token));`
			`- output (dest, expansion);`
			`+ output (dest, "%s", expansion);`
			`continue;`
			`}`

			`Index: b/lib/parseppd.y`
			`===================================================================`
			`--- a/lib/parseppd.y`
			`+++ b/lib/parseppd.y`
			`@@ -154,7 +154,7 @@`
			`void`
			`yyerror (const char *msg)`
			`{`
			`- error_at_line (1, 0, ppdfilename, ppdlineno, msg);`
			`+ error_at_line (1, 0, ppdfilename, ppdlineno, "%s", msg);`
			`}`

			`/*`
			`Index: b/src/parsessh.y`
			`===================================================================`
			`--- a/src/parsessh.y`
			`+++ b/src/parsessh.y`
			`@@ -740,7 +740,7 @@`
			`void`
			`yyerror (const char *msg)`
			`{`
			`- error_at_line (1, 0, sshfilename, sshlineno, msg);`
			`+ error_at_line (1, 0, sshfilename, sshlineno, "%s", msg);`
			`}`

			`/*`
			`Index: b/lib/parseppd.c`
			`===================================================================`
			`--- a/lib/parseppd.c`
			`+++ b/lib/parseppd.c`
			`@@ -1707,7 +1707,7 @@`
			`void`
			`yyerror (const char *msg)`
			`{`
			`- error_at_line (1, 0, ppdfilename, ppdlineno, msg);`
			`+ error_at_line (1, 0, ppdfilename, ppdlineno, "%s", msg);`
			`}`

			`/*`
			`Index: b/src/parsessh.c`
			`===================================================================`
			`--- a/src/parsessh.c`
			`+++ b/src/parsessh.c`
			`@@ -2639,7 +2639,7 @@`
			`void`
			`yyerror (const char *msg)`
			`{`
			`- error_at_line (1, 0, sshfilename, sshlineno, msg);`
			`+ error_at_line (1, 0, sshfilename, sshlineno, "%s", msg);`
			`}`

			`/*`