From 9bc2b6995b5c82e900d3a22881cce9c24395dfb8 Mon Sep 17 00:00:00 2001
From: dinoex
Date: Wed, 29 Jul 2015 13:01:15 +0000
Subject: - import security fix from git Security: format string vulnerability
---
 graphics/graphviz/Makefile | 2 +-
 graphics/graphviz/files/patch-cmd-tools-gmlscan.l | 11 +++++++++++
 graphics/graphviz/files/patch-lib-cgraph-scan.l | 20 ++++++++++++++++++++
 3 files changed, 32 insertions(+), 1 deletion(-)
 create mode 100644 graphics/graphviz/files/patch-cmd-tools-gmlscan.l
 create mode 100644 graphics/graphviz/files/patch-lib-cgraph-scan.l
(limited to 'graphics/graphviz')
diff --git a/graphics/graphviz/Makefile b/graphics/graphviz/Makefile
index 3561332af6c3..9edb0d1dde5b 100644
--- a/graphics/graphviz/Makefile
+++ b/graphics/graphviz/Makefile
@@ -3,7 +3,7 @@
 PORTNAME= graphviz
 PORTVERSION= 2.38.0
-PORTREVISION= 6
+PORTREVISION= 7
 CATEGORIES= graphics tk
 MASTER_SITES= http://www.graphviz.org/pub/graphviz/ARCHIVE/
diff --git a/graphics/graphviz/files/patch-cmd-tools-gmlscan.l b/graphics/graphviz/files/patch-cmd-tools-gmlscan.l
new file mode 100644
index 000000000000..75c7c5cc940d
--- /dev/null
+++ b/graphics/graphviz/files/patch-cmd-tools-gmlscan.l
@@ -0,0 +1,11 @@
+--- cmd/tools/gmlscan.l.orig 2014-04-13 22:40:25.000000000 +0200
++++ cmd/tools/gmlscan.l 2015-07-29 14:51:42.000000000 +0200
+@@ -127,7 +127,7 @@
+ return;
+ errors = 1;
+ sprintf(buf," %s in line %d near '%s'\n", str,line_num,yytext);
+- agerr(AGWARN,buf);
++ agerr(AGWARN, "%s", buf);
+ }
+
+ int gmlerrors()
diff --git a/graphics/graphviz/files/patch-lib-cgraph-scan.l b/graphics/graphviz/files/patch-lib-cgraph-scan.l
new file mode 100644
index 000000000000..7d11037f02a9
--- /dev/null
+++ b/graphics/graphviz/files/patch-lib-cgraph-scan.l
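Review bot: In the cmd/tools/gmlscan.l hunk, the `sprintf(buf, ...)` context line directly above the corrected call still copies `yytext`, which is text taken from the file being parsed, into `buf` with no length bound. The declaration and size of `buf` are outside the hunk, so whether a long token can overrun it needs to be checked against the full function. Since the fix itself shows agerr taking a printf-style format, the intermediate buffer can be dropped altogether: `agerr(AGWARN, " %s in line %d near '%s'\n", str, line_num, yytext);`. The enclosing function starts above the hunk.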
@@ -0,0 +1,20 @@
+--- lib/cgraph/scan.l.orig 2014-04-13 22:40:25.000000000 +0200
++++ lib/cgraph/scan.l 2015-07-29 14:51:27.000000000 +0200
+@@ -149,7 +149,7 @@
+ agxbput(&xb,buf);
+ agxbput(&xb,fname);
+ agxbput(&xb, " splits into two tokens\n");
+- agerr(AGWARN,agxbuse(&xb));
++ agerr(AGWARN, "%s", agxbuse(&xb));
+
+ agxbfree(&xb);
+ return 1;
+@@ -225,7 +225,7 @@
+ agxbput (&xb, buf);
+ agxbput (&xb, yytext);
+ agxbput (&xb,"'\n");
+- agerr(AGERR,agxbuse(&xb));
++ agerr(AGERR, "%s", agxbuse(&xb));
+ agxbfree(&xb);
+ }
+ /* must be here to see flex's macro defns */
-- cgit
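Review bot: The two `agerr(..., "%s", agxbuse(&xb))` corrections in lib/cgraph/scan.l are made call by call, and nothing in this patch would catch another non-literal format string passed to agerr elsewhere in the tree. If agerr's prototype, which is not part of this diff, carries no printf format attribute, declaring it with `__attribute__((format(printf, 2, 3)))` and building with `-Wformat-security` would let the compiler report any remaining or future call sites of this kind. Both enclosing functions start outside the hunks, so the rest of their message construction could not be reviewed here.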