From ed5bdffc84fce53f9d65c1ac5f18dbcb83bdd0be Mon Sep 17 00:00:00 2001
From: David Cooper <david.cooper@nist.gov>
Date: Fri, 6 Mar 2020 12:21:18 -0500
Subject: [PATCH] Fix printing percent characters

This commit makes the same change as #1499, but in the 3.0 branch.
---
 testssl.sh | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/testssl.sh b/testssl.sh
index 5e24e1d..98e9a2d 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -498,17 +498,16 @@ html_reserved(){
 
 html_out() {
      "$do_html" || return 0
-     [[ -n "$HTMLFILE" ]] && [[ ! -d "$HTMLFILE" ]] && printf -- "%b" "${1//%/%%}" >> "$HTMLFILE"
-     # here and other printf's: a little bit of sanitizing with bash internal search&replace -- otherwise printf will hiccup at '%'. '--' and %b do the rest.
+     [[ -n "$HTMLFILE" ]] && [[ ! -d "$HTMLFILE" ]] && printf -- "%b" "$1" >> "$HTMLFILE"
 }
 
 # This is intentionally the same.
-safe_echo()  { printf -- "%b" "${1//%/%%}"; }
-tm_out()     { printf -- "%b" "${1//%/%%}"; }
-tmln_out()   { printf -- "%b" "${1//%/%%}\n"; }
+safe_echo()  { printf -- "%b" "$1"; }
+tm_out()     { printf -- "%b" "$1"; }
+tmln_out()   { printf -- "%b" "$1\n"; }
 
-out()   { printf -- "%b" "${1//%/%%}"; html_out "$(html_reserved "$1")"; }
-outln() { printf -- "%b" "${1//%/%%}\n"; html_out "$(html_reserved "$1")\n"; }
+out()   { printf -- "%b" "$1"; html_out "$(html_reserved "$1")"; }
+outln() { printf -- "%b" "$1\n"; html_out "$(html_reserved "$1")\n"; }
 
 
 #TODO: Still no shell injection safe but if just run it from the cmd line: that's fine