gnu/packages/patches/a2ps-CVE-2015-8107.patch

   1 https://sources.debian.org/data/main/a/a2ps/1:4.14-2/debian/patches/fix-format-security.diff
   2
   3 Index: b/lib/psgen.c
   4 ===================================================================
   5 --- a/lib/psgen.c
   6 +++ b/lib/psgen.c
   7 @@ -232,7 +232,7 @@
   8      default:
   9        *buf = '\0';
  10        ps_escape_char (job, cp[i], buf);
  11 -      output (jdiv, (char *) buf);
  12 +      output (jdiv, "%s", (char *) buf);
  13        break;
  14      }
  15    }
  16 Index: b/lib/output.c
  17 ===================================================================
  18 --- a/lib/output.c
  19 +++ b/lib/output.c
  20 @@ -525,7 +525,7 @@
  21                      expand_user_string (job, FIRST_FILE (job),
  22                                          (const uchar *) "Expand: requirement",
  23                                          (const uchar *) token));
  24 -       output (dest, expansion);
  25 +       output (dest, "%s", expansion);
  26         continue;
  27        }
  28
  29 Index: b/lib/parseppd.y
  30 ===================================================================
  31 --- a/lib/parseppd.y
  32 +++ b/lib/parseppd.y
  33 @@ -154,7 +154,7 @@
  34  void
  35  yyerror (const char *msg)
  36  {
  37 -  error_at_line (1, 0, ppdfilename, ppdlineno, msg);
  38 +  error_at_line (1, 0, ppdfilename, ppdlineno, "%s", msg);
  39  }
  40
  41  /*
  42 Index: b/src/parsessh.y
  43 ===================================================================
  44 --- a/src/parsessh.y
  45 +++ b/src/parsessh.y
  46 @@ -740,7 +740,7 @@
  47  void
  48  yyerror (const char *msg)
  49  {
  50 -  error_at_line (1, 0, sshfilename, sshlineno, msg);
  51 +  error_at_line (1, 0, sshfilename, sshlineno, "%s", msg);
  52  }
  53
  54  /*
  55 Index: b/lib/parseppd.c
  56 ===================================================================
  57 --- a/lib/parseppd.c
  58 +++ b/lib/parseppd.c
  59 @@ -1707,7 +1707,7 @@
  60  void
  61  yyerror (const char *msg)
  62  {
  63 -  error_at_line (1, 0, ppdfilename, ppdlineno, msg);
  64 +  error_at_line (1, 0, ppdfilename, ppdlineno, "%s", msg);
  65  }
  66
  67  /*
  68 Index: b/src/parsessh.c
  69 ===================================================================
  70 --- a/src/parsessh.c
  71 +++ b/src/parsessh.c
  72 @@ -2639,7 +2639,7 @@
  73  void
  74  yyerror (const char *msg)
  75  {
  76 -  error_at_line (1, 0, sshfilename, sshlineno, msg);
  77 +  error_at_line (1, 0, sshfilename, sshlineno, "%s", msg);
  78  }
  79
  80  /*