From 8b56e59714d87181505e4678f0d6d39955caf10e Mon Sep 17 00:00:00 2001
From: "tobias@openbsd.org" <tobias@openbsd.org>
Date: Fri, 4 Dec 2015 21:51:06 +0000
Subject: [PATCH] upstream commit

Properly handle invalid %-format by calling fatal.

ok deraadt, djm

Upstream-ID: 5692bce7d9f6eaa9c488cb93d3b55e758bef1eac
---
 misc.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/misc.c b/misc.c
index b358a035e..9d11d2832 100644
--- a/misc.c
+++ b/misc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.c,v 1.99 2015/10/24 08:34:09 sthen Exp $ */
+/* $OpenBSD: misc.c,v 1.100 2015/12/04 21:51:06 tobias Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2005,2006 Damien Miller.  All rights reserved.
@@ -604,6 +604,8 @@ percent_expand(const char *string, ...)
 		/* %% case */
 		if (*string == '%')
 			goto append;
+		if (*string == '\0')
+			fatal("%s: invalid format", __func__);
 		for (j = 0; j < num_keys; j++) {
 			if (strchr(keys[j].key, *string) != NULL) {
 				i = strlcat(buf, keys[j].repl, sizeof(buf));