From 361f274ca901c3c476697a6404662d95f4dd43cb Mon Sep 17 00:00:00 2001
From: Matthew Fernandez <matthew.fernandez@gmail.com>
Date: Fri, 12 Jan 2024 17:06:17 +1100
Subject: [PATCH] gvc gvconfig_plugin_install_from_config: more tightly scope 
 'gv_api'

Upstream-Status: Backport [https://gitlab.com/graphviz/graphviz/-/commit/361f274ca901c3c476697a6404662d95f4dd43cb]
CVE: CVE-2023-46045
 
Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
---
 lib/gvc/gvconfig.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/lib/gvc/gvconfig.c b/lib/gvc/gvconfig.c
index 2d86321..f9d1dcc 100644
--- a/lib/gvc/gvconfig.c
+++ b/lib/gvc/gvconfig.c
@@ -173,7 +173,6 @@ static int gvconfig_plugin_install_from_config(GVC_t * gvc, char *s)
 {
     char *package_path, *name, *api;
     const char *type;
-    api_t gv_api;
     int quality, rc;
     int nest = 0;
     gvplugin_package_t *package;
@@ -188,7 +187,7 @@ static int gvconfig_plugin_install_from_config(GVC_t * gvc, char *s)
         package = gvplugin_package_record(gvc, package_path, name);
 	do {
 	    api = token(&nest, &s);
-	    gv_api = gvplugin_api(api);
+	    const api_t gv_api = gvplugin_api(api);
 	    do {
 		if (nest == 2) {
 		    type = token(&nest, &s);
-- 
2.40.0