From 3f31704cafd7da3e86bb2861accf5e90c973e62a Mon Sep 17 00:00:00 2001
From: Matthew Fernandez <matthew.fernandez@gmail.com>
Date: Fri, 12 Jan 2024 17:06:17 +1100
Subject: [PATCH] gvc gvconfig_plugin_install_from_config: more tightly scope 
 'api'

Upstream-Status: Backport [https://gitlab.com/graphviz/graphviz/-/commit/3f31704cafd7da3e86bb2861accf5e90c973e62a]
CVE: CVE-2023-46045

Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
---
 lib/gvc/gvconfig.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/gvc/gvconfig.c b/lib/gvc/gvconfig.c
index f9d1dcc..95e8c6c 100644
--- a/lib/gvc/gvconfig.c
+++ b/lib/gvc/gvconfig.c
@@ -171,7 +171,7 @@ static char *token(int *nest, char **tokens)
 
 static int gvconfig_plugin_install_from_config(GVC_t * gvc, char *s)
 {
-    char *package_path, *name, *api;
+    char *package_path, *name;
     const char *type;
     int quality, rc;
     int nest = 0;
@@ -186,7 +186,7 @@ static int gvconfig_plugin_install_from_config(GVC_t * gvc, char *s)
 	    name = "x";
         package = gvplugin_package_record(gvc, package_path, name);
 	do {
-	    api = token(&nest, &s);
+	    const char *api = token(&nest, &s);
 	    const api_t gv_api = gvplugin_api(api);
 	    do {
 		if (nest == 2) {
-- 
2.40.0