components/graphviz/patches/003-99eda42-format-string.patch
changeset 6544 f3ddf1d33382
6543:b5c03b086e6d 6544:f3ddf1d33382
       
     1 This patch is taken from upstream and modified to adjust our currently
       
     2 released version.
       
     3 
       
     4 From 99eda421f7ddc27b14e4ac1d2126e5fe41719081 Mon Sep 17 00:00:00 2001
       
     5 From: "Emden R. Gansner" <[email protected]>
       
     6 Date: Mon, 24 Nov 2014 14:32:58 -0500
       
     7 Subject: [PATCH] Fix format string vulnerability in using agerr() to report
       
     8  errors during parsing. We now use a fixed format %s, and pass the error
       
     9  string as an argument.
       
    10 
       
    11 ---
       
    12  lib/cgraph/scan.l | 3 ++-
       
    13  1 file changed, 2 insertions(+), 1 deletion(-)
       
    14 
       
    15 diff --git a/lib/cgraph/scan.l b/lib/cgraph/scan.l
       
    16 index 85a150a..a5872f4 100644
       
    17 --- a/lib/cgraph/scan.l
       
    18 +++ b/lib/cgraph/scan.l
       
    19 @@ -225,6 +225,7 @@ ID		({NAME}|{NUMBER})
       
    20  <hstring>([^><\n]*)		addstr(yytext);
       
    21  .						return (yytext[0]);
       
    22  %%
       
    23 + 
       
    24  void yyerror(char *str)
       
    25  {
       
    26  	unsigned char	xbuf[BUFSIZ];
       
    27 @@ -273,7 +274,7 @@ void yyerror(char *str)
       
    28 	agxbput (&xb, yytext);
       
    29 	agxbput (&xb,"'\n");
       
    30 -	agerr(AGWARN,agxbuse(&xb));
       
    31 +	agerr(AGWARN, "%s", agxbuse(&xb));
       
    32  	agxbfree(&xb);
       
    33  }
       
    34  /* must be here to see flex's macro defns */
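Review bot: The backported fix touches only the `agerr(AGWARN, ...)` call at the end of `yyerror()`, and nothing on this page shows whether other `agerr()` callers in the released version still pass a built string as the format argument. The string here is assembled from scanner text (`yytext`), so any remaining call of the shape `agerr(level, buf)` deserves the same `"%s"` treatment; a build with `-Wformat-security` may help find them if `agerr` is declared with a printf format attribute. The second hunk header reads `-273,7 +274,7`, but only six lines per side are visible. That may be a rendering artifact, but it is worth confirming the patch applies without fuzz. The first hunk's `+ ` line adds a whitespace-only line after `%%` that is unrelated to the fix and could be dropped. The header comment could also record what was adjusted, e.g. `Modified from upstream 99eda42: <what was changed for our version>`.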