1 https://sources.debian.org/data/main/a/a2ps/1:4.14-2/debian/patches/fix-format-security.diff
4 ===================================================================
10 ps_escape_char (job, cp[i], buf);
11 - output (jdiv, (char *) buf);
12 + output (jdiv, "%s", (char *) buf);
17 ===================================================================
21 expand_user_string (job, FIRST_FILE (job),
22 (const uchar *) "Expand: requirement",
23 (const uchar *) token));
24 - output (dest, expansion);
25 + output (dest, "%s", expansion);
29 Index: b/lib/parseppd.y
30 ===================================================================
35 yyerror (const char *msg)
37 - error_at_line (1, 0, ppdfilename, ppdlineno, msg);
38 + error_at_line (1, 0, ppdfilename, ppdlineno, "%s", msg);
42 Index: b/src/parsessh.y
43 ===================================================================
48 yyerror (const char *msg)
50 - error_at_line (1, 0, sshfilename, sshlineno, msg);
51 + error_at_line (1, 0, sshfilename, sshlineno, "%s", msg);
55 Index: b/lib/parseppd.c
56 ===================================================================
61 yyerror (const char *msg)
63 - error_at_line (1, 0, ppdfilename, ppdlineno, msg);
64 + error_at_line (1, 0, ppdfilename, ppdlineno, "%s", msg);
68 Index: b/src/parsessh.c
69 ===================================================================
74 yyerror (const char *msg)
76 - error_at_line (1, 0, sshfilename, sshlineno, msg);
77 + error_at_line (1, 0, sshfilename, sshlineno, "%s", msg);