Description: source: format-security bug fix
 Fix (f|s|sn)printf ``format{s with} no{} string litteral and no format
 arguments [-Wformat-security]'' as detected by gcc by implementing a
 (dummy) `"%s"' format; meant to be submitted to the upstream maintainer.
Origin: debian
Forwarded: by email
Author: Jerome Benoit <calculus@rezozer.net>
Last-Update: 2016-07-16

--- a/src/evalmore.c
+++ b/src/evalmore.c
@@ -3794,7 +3794,7 @@
           if ( node->op1.string ) s = node->op1.string;
           else s = *(char**)(stacktop--);
           oldquiet = quiet_flag; quiet_flag = 0;
-          sprintf(msg,s);
+          sprintf(msg,"%s",s);
           outstring(msg);
           quiet_flag = oldquiet;
           break;
@@ -3802,7 +3802,7 @@
     case ERRPRINTFHEAD_NODE:
           if ( node->op1.string ) s = node->op1.string;
           else s = *(char**)(stacktop--);
-          sprintf(errmsg,s);
+          sprintf(errmsg,"%s",s);
           erroutstring(errmsg);
           break;