From d511fa8d1793bd96a500d538c1bad7314e02f27c Mon Sep 17 00:00:00 2001
From: Mike Gerwitz <mtg@gnu.org>
Date: Sun, 31 Dec 2023 16:04:20 -0500
Subject: [PATCH] prom.awk: Correct regex escape

I'm not confident this ever worked as intended.  Unless behavior in
newer Gawks changed (since now it is issuing a warning where it wasn't
previously).

This replaced double quotes with '0'..which certainly solves the
security problem of double quotes, but not in the intended way.  I have
no labels with double quotes and so never noticed.

I suspect that I tried using // delimiters to avoid having to go through
this escape mess ("\\\\" to produce "\\" which is recogniezd as a single
"\" in the replacement, and then a fifth to escape the double quote.
What a mess.
---
 prom.awk | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/prom.awk b/prom.awk
index 6a5ef39..fd61270 100644
--- a/prom.awk
+++ b/prom.awk
@@ -109,7 +109,7 @@ function _prom_assert_valid_label(name) {
 
 # Escape double quotes in label value VALUE and return the result.
 function _prom_label_escape(value) {
-  return gensub(/"/, /\"/, "g", value)
+  return gensub(/"/, "\\\\\"", "g", value)
 }