Bug 456892 (aget)
Summary: | Review Request: aget - multi-threaded download accelerator | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Paul Gössinger <paul.goessinger> |
Component: | Package Review | Assignee: | Nobody's working on this, feel free to take it <nobody> |
Status: | CLOSED NOTABUG | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | rawhide | CC: | fedora-package-review, itamar, mmahut, notting, sundaram |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2009-07-17 17:59:33 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 201449 |
Description
Paul Gössinger
2008-07-28 14:21:36 UTC
So this one is back. Good to see. I can approve this package but I can't sponsor you. Refer http://fedoraproject.org/wiki/PackageMaintainers/HowToGetSponsored I have an approach problem here. This program has already been part of fedora (https://bugzilla.redhat.com/show_bug.cgi?id=313481) but was orphaned after failing mass rebuild for F-9 (https://bugzilla.redhat.com/show_bug.cgi?id=434350) I think that a better approach would be to have the existing package patched and transfer maintenance to someone else if Rahul is no longer interested. As a separate issue is that the current release tag in http://cvs.fedoraproject.org/viewcvs/rpms/aget/devel/aget.spec?rev=1.3&view=markup is 5 which is greater than the 3 from this bug (which anyway should have been 4 according to the changelog in the spec) Yes, this an orphaned package, I just took the F8 srpm and patched the spec file to build under F9. I would like to maintain the package (as soon as I get sponsored) Yes the release tag was wrong, since its the first build on F9 its actually 1 so the new package is here: http://goessinger.eu/fedora/aget/aget.spec http://goessinger.eu/fedora/aget/aget-0.4-1.fc9.src.rpm any comments are welcome Ok, sry, you are right, release number is 4. http://goessinger.eu/fedora/aget/aget.spec http://goessinger.eu/fedora/aget/aget-0.4-4.fc9.src.rpm Paul This is an unofficial review (As I am not a sponsor) Just to help this package move on. There are few warnings are cosmetic but if reported upstream, will be good(as code base is too small & warnings are two trivial). They are very easy to fix also: First set: ---------- tables -D_GNU_SOURCE -c -o Signal.o Signal.c In function 'snprintf', inlined from 'resume_get' at Aget.c:179: /usr/include/bits/stdio2.h:65: warning: call to __builtin___snprintf_chk will always overflow destination buffer In function 'snprintf', inlined from 'get' at Aget.c:101: /usr/include/bits/stdio2.h:65: warning: call to __builtin___snprintf_chk will always overflow destination buffer Both of these can be fixed with snprintf(<char_ptr>, size .... size greater then or equal to size actually allocated to <char_ptr>. Second set: ----------- tables -D_GNU_SOURCE -c -o Resume.o Resume.c Resume.c: In function 'save_log': Resume.c:45: warning: ignoring return value of 'fwrite', declared with attribute warn_unused_result Resume.c: In function 'read_log': Resume.c:77: warning: ignoring return value of 'fread', declared with attribute warn_unused_result gcc -o aget main.o Aget.o Misc.o Head.o Signal.o Download.o Resume.o -pthread Handling the return value of fwrite and fread. In case these calls face, printing an error message to stderr. Your patch for including error.h places include directive at not so good place. May you move it along with standard header files included in source files. Between have you reported the already attached patch upstream? Note: These are cosmetic issues and don't block. But it would be great if they are resolved. [x] name [x] md5sum 1d32390f5ea2ddd82dfbb1794cdfa92f upstream source 1d32390f5ea2ddd82dfbb1794cdfa92f package source [x] license -- except COPYING file there is no mention of license in code files. Have you confirmed about BSD license? [x] Spec file is in American Eng and legible [x] Build successfully [x] BuildRequires [x] Duplicate files - nil [NA] locale [x] permissions -- okay [x] source link correct [x] packaging guidlines [x] Buildroot correct [x] owns every directory it creates [x] file encoding - checked [x] package has no dependency on files in %doc [NA] GUI [x] No dependencies outside FHS guidelines Optional suggestions: [x] A small patch to correct warnings and Makefile. Key NA = N/A, x = Check, ! = Problem, ? = Not evaluate ping Hi Rakesh, sorry that I did not replied. According to http://www.enderunix.org/aget/ aget currently has no developer. So I cant push anything upstream. Paul BTW, aget is already in Fedora, but an orphan. https://admin.fedoraproject.org/pkgdb/packages/name/aget Yes. It needs this review to be complete as last commit was well over 6 months back. @Paul - these are not blocking issues, you may like to work on getting yourself sponsored :-) For help read HowToGetSponsored on wiki. (some more packaging + few unofficial reviews + mentioning to a sponsor in notes are keys) Note: I am not a sponsor. Thanks, @paul Are you interested in getting yourself sponsored, and maintain this package ? Please read the wiki link pasted by Rahul. It is nearly a month already and no update. Thanks yes I would like to get sponsored and maintain this package. I read/understood the wiki page and created all needed accounts/mailing lists I dont know what update you are expecting. The package is working, and the ticket is blocked by FE-NEEDSPONSOR which indicates that i need a sponsor. Maybe I missed something. Cheers, Paul aget is orphaned , also aget is a dead project, there are no one working in it(no developers) I don't have tried axel, but seems to do the same thing. https://bugzilla.redhat.com/show_bug.cgi?id=454980 I don't know if is a good idea to include aget again in fedora. but if you want to do this go ahead. > these are not blocking issues
These are format string buffer overflows and ought to get fixed.
Run-time parameters (url, host, range) can cause a crash.
Do a "grep GETREQ *" in the source tree and notice that during
allocation of the buffer, the size is reduced by 2:
Aget.c: fmt = (char *)calloc(GETREQSIZ - 2, sizeof(char));
The snprintf size, however, is not reduced by 2:
Aget.c: snprintf(fmt, GETREQSIZ, GETREQ, req->url, req->host, PROGVERSION, soffset);
Defs.h: GETREQSIZ = 256,
Defs.h:#define GETREQ "GET %s HTTP/1.1\r\nHost: %s\r\nUser-Agent: %s\r\nRange: bytes=%ld-\r\nConnection: close\r\n\r\n"
So, over eight months later, I see no response to Michael's commentary. I will close this ticket soon if there is no further progress. No response; closing. Since there is no development on aget anymore we can keep it closed. Paul |