Bug 460727
| Summary: | Review Request: gnujump - A jumping game which is a clone of xjump | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Vivek Shah <boni.vivek> |
| Component: | Package Review | Assignee: | Jason Tibbitts <j> |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | rawhide | CC: | bogado, debarshir, fedora-package-review, mlichvar, notting, pahan |
| Target Milestone: | --- | Flags: | j:
fedora-review+
kevin: fedora-cvs+ |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | 1.0.6-2.fc10 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2009-07-23 19:00:40 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Vivek Shah
2008-08-30 10:34:58 UTC
I was trying to test it but the application once installed it did not work correctly,failling with a buffer overflow : $ gnujump WARNING: Can't open config file (/home/bogado/.gnujump/gnujump.cfg). I will create one later. *** buffer overflow detected ***: gnujump terminated ======= Backtrace: ========= /lib64/libc.so.6(__fortify_fail+0x37)[0x3b50cfce77] /lib64/libc.so.6[0x3b50cfacb0] /lib64/libc.so.6[0x3b50cfa049] /lib64/libc.so.6(_IO_default_xsputn+0x96)[0x3b50c76a46] /lib64/libc.so.6(_IO_vfprintf+0x1702)[0x3b50c47fd2] /lib64/libc.so.6(__vsprintf_chk+0x9d)[0x3b50cfa0ed] /lib64/libc.so.6(__sprintf_chk+0x80)[0x3b50cfa030] gnujump[0x40f852] gnujump[0x406335] /lib64/libc.so.6(__libc_start_main+0xfa)[0x3b50c1e32a] gnujump[0x402949] ======= Memory map: ======== 00110000-0012f000 r-xp 00000000 fd:01 3236679 /usr/lib64/libSDL_mixer-1.2.so.0.2.6 0012f000-0032e000 ---p 0001f000 fd:01 3236679 /usr/lib64/libSDL_mixer-1.2.so.0.2.6 0032e000-00338000 rw-p 0001e000 fd:01 3236679 /usr/lib64/libSDL_mixer-1.2.so.0.2.6 00338000-0035c000 rw-p 00338000 00:00 0 00400000-0041a000 r-xp 00000000 fd:01 3236628 /usr/bin/gnujump 0061a000-0061b000 rw-p 0001a000 fd:01 3236628 /usr/bin/gnujump 013c0000-013e1000 rw-p 013c0000 00:00 0 [heap] 3426600000-342660b000 r-xp 00000000 fd:01 3236548 /usr/lib64/libSDL_image-1.2.so.0.1.5 342660b000-342680b000 ---p 0000b000 fd:01 3236548 /usr/lib64/libSDL_image-1.2.so.0.1.5 342680b000-342680c000 rw-p 0000b000 fd:01 3236548 /usr/lib64/libSDL_image-1.2.so.0.1.5 342680c000-342681c000 rw-p 342680c000 00:00 0 3427e00000-3427e59000 r-xp 00000000 fd:01 3236453 /usr/lib64/libtiff.so.3.8.2 3427e59000-3428058000 ---p 00059000 fd:01 3236453 /usr/lib64/libtiff.so.3.8.2 3428058000-342805b000 rw-p 00058000 fd:01 3236453 /usr/lib64/libtiff.so.3.8.2 37dd000000-37dd069000 r-xp 00000000 fd:01 3256735 /usr/lib64/libGL.so.1.2 37dd069000-37dd269000 ---p 00069000 fd:01 3256735 /usr/lib64/libGL.so.1.2 37dd269000-37dd273000 rw-p 00069000 fd:01 3256735 /usr/lib64/libGL.so.1.2 37dd273000-37dd274000 rw-p 37dd273000 00:00 0 3b50800000-3b5081d000 r-xp 00000000 fd:01 130884 /lib64/ld-2.8.so 3b50a1c000-3b50a1d000 r--p 0001c000 fd:01 130884 /lib64/ld-2.8.so 3b50a1d000-3b50a1e000 rw-p 0001d000 fd:01 130884 /lib64/ld-2.8.so 3b50c00000-3b50d62000 r-xp 00000000 fd:01 130885 /lib64/libc-2.8.so 3b50d62000-3b50f62000 ---p 00162000 fd:01 130885 /lib64/libc-2.8.so 3b50f62000-3b50f66000 r--p 00162000 fd:01 130885 /lib64/libc-2.8.so 3b50f66000-3b50f67000 rw-p 00166000 fd:01 130885 /lib64/libc-2.8.so 3b50f67000-3b50f6c000 rw-p 3b50f67000 00:00 0 3b51000000-3b51084000 r-xp 00000000 fd:01 131032 /lib64/libm-2.8.so 3b51084000-3b51283000 ---p 00084000 fd:01 131032 /lib64/libm-2.8.so 3b51283000-3b51284000 r--p 00083000 fd:01 131032 /lib64/libm-2.8.so 3b51284000-3b51285000 rw-p 00084000 fd:01 131032 /lib64/libm-2.8.so 3b51400000-3b51402000 r-xp 00000000 fd:01 130887 /lib64/libdl-2.8.so 3b51402000-3b51602000 ---p 00002000 fd:01 130887 /lib64/libdl-2.8.so 3b51602000-3b51603000 r--p 00002000 fd:01 130887 /lib64/libdl-2.8.so 3b51603000-3b51604000 rw-p 00003000 fd:01 130887 /lib64/libdl-2.8.so 3b51800000-3b51816000 r-xp 00000000 fd:01 130718 /lib64/libpthread-2.8.so 3b51816000-3b51a15000 ---p 00016000 fd:01 130718 /lib64/libpthread-2.8.so 3b51a15000-3b51a16000 r--p 00015000 fd:01 130718 /lib64/libpthread-2.8.so 3b51a16000-3b51a17000 rw-p 00016000 fd:01 130718 /lib64/libpthread-2.8.so 3b51a17000-3b51a1b000 rw-p 3b51a17000 00:00 0 3b52000000-3b52015000 r-xp 00000000 fd:01 130920 /lib64/libz.so.1.2.3 3b52015000-3b52214000 ---p 00015000 fd:01 130920 /lib64/libz.so.1.2.3 3b52214000-3b52215000 rw-p 00014000 fd:01 130920 /lib64/libz.so.1.2.3 3b52400000-3b5244c000 r-xp 00000000 fd:01 3243552 /usr/lib64/libmikmod.so.3.0.0 3b5244c000-3b5264c000 ---p 0004c000 fd:01 3243552 /usr/lib64/libmikmod.so.3.0.0 3b5264c000-3b5264f000 rw-p 0004c000 fd:01 3243552 /usr/lib64/libmikmod.so.3.0.0 3b5264f000-3b52654000 rw-p 3b5264f000 00:00 0 3b52c00000-3b52d06000 r-xp 00000000 fd:01 3463620 /usr/lib64/libX11.so.6.2.0 3b52d06000-3b52f05000 ---p 00106000 fd:01 3463620 /usr/lib64/libX11.so.6.2.0 3b52f05000-3b52f0b000 rw-p 00105000 fd:01 3463620 /usr/lib64/libX11.so.6.2.0 3b53000000-3b5301a000 r-xp 00000000 fd:01 3463613 /usr/lib64/libxcb.so.1.0.0 3b5301a000-3b5321a000 ---p 0001a000 fd:01 3463613 /usr/lib64/libxcb.so.1.0.0 3b5321a000-3b5321b000 rw-p 0001a000 fd:01 3463613 /usr/lib64/libxcb.so.1.0.0 3b53400000-3b53401000 r-xp 00000000 fd:01 3463617 /usr/lib64/libxcb-xlib.so.0.0.0 3b53401000-3b53600000 ---p 00001000 fd:01 3463617 /usr/lib64/libxcb-xlib.so.0.0.0 3b53600000-3b53601000 rw-p 00000000 fd:01 3463617 /usr/lib64/libxcb-xlib.so.0.0.0 3b53800000-3b53802000 r-xp 00000000 fd:01 3463611 /usr/lib64/libXau.so.6.0.0 3b53802000-3b53a01000 ---p 00002000 fd:01 3463611 /usr/lib64/libXau.so.6.0.0 3b53a01000-3b53a02000 rw-p 00001000 fd:01 3463611 /usr/lib64/libXau.so.6.0.0 3b53c00000-3b53c05000 r-xp 00000000 fd:01 3463612 /usr/lib64/libXdmcp.so.6.0.0 3b53c05000-3b53e04000 ---p 00005000 fd:01 3463612 /usr/lib64/libXdmcp.so.6.0.0 3b53e04000-3b53e05000 rw-p 00004000 fd:01 3463612 /usr/lib64/libXdmcp.so.6.0.0 3b54400000-3b54410000 r-xp 00000000 fd:01 3249769 /usr/lib64/libXext.so.6.4.0 3b54410000-3b54610000 ---p 00010000 fd:01 3249769 /usr/lib64/libXext.so.6.4.0 3b54610000-3b54611000 rw-p 00010000 fd:01 3249769 /usr/lib64/libXext.so.6.4.0 3b55800000-3b55825000 r-xp 00000000 fd:01 3463664 /usr/lib64/libpng12.so.0.29.0 3b55825000-3b55a25000 ---p 00025000 fd:01 3463664 /usr/lib64/libpng12.so.0.29.0 3b55a25000-3b55a26000 rw-p 00025000 fd:01 3463664 /usr/lib64/libpng12.so.0.29.0 3b56000000-3b56005000 r-xp 00000000 fd:01 3463756 /usr/lib64/libXfixes.so.3.1.0 3b56005000-3b56204000 ---p 00005000 fd:01 3463756 /usr/lib64/libXfixes.so.3.1.0 3b56204000-3b56205000 rw-p 00004000 fd:01 3463756 /usr/lib64/libXfixes.so.3.1.0 3b5b400000-3b5b416000 r-xp 00000000 fd:01 131035 /lib64/libgcc_s-4.3.0-20080428.so.1 3b5b416000-3b5b615000 ---p 00016000 fd:01 131035 /lib64/libgcc_s-4.3.0-20080428.so.1 3b5b615000-3b5b616000 rw-p 00015000 fd:01 131035 /lib64/libgcc_s-4.3.0-20080428.so.1 3b5c400000-3b5c422000 r-xp 00000000 fd:01 3244944 /usr/lib64/libjpeg.so.62.0.0 3b5c422000-3b5c622000 ---p 00022000 fd:01 3244944 /usr/lib64/libjpeg.so.62.0.0 3b5c622000-3b5c623000 rw-p 00022000 fd:01 3244944 /usr/lib64/libjpeg.so.62.0.0 3b5d000000-3b5d00a000 r-xp 00000000 fd:01 3463780 /usr/lib64/libdrm.so.2.3.0 3b5d00a000-3b5d20a000 ---p 0000a000 fd:01 3463780 /usr/lib64/libdrm.so.2.3.0 3b5d20a000-3b5d20b000 rw-p 0000a000 fd:01 3463780 /usr/lib64/libdrm.so.2.3.0 3b68400000-3b6846b000 r-xp 00000000 fd:01 3528675 /usr/lib64/libSDL-1.2.so.0.11.2 3b6846b000-3b6866a000 ---p 0006b000 fd:01 3528675 /usr/lib64/libSDL-1.2.so.0.11.2 3b6866a000-3b6866d000 rw-p 0006a000 fd:01 3528675 /usr/lib64/libSDL-1.2.so.0.11.2 3b6866d000-3b6869d000 rw-p 3b6866d000 00:00 0 3b68c00000-3b68c02000 r-xp 00000000 fd:01 3463774 /usr/lib64/libXdamage.so.1.1.0 3b68c02000-3b68e01000 ---p 00002000 fd:01 3463774 /usr/lib64/libXdamage.so.1.1.0 3b68e01000-3b68e02000 rw-p 00001000 fd:01 3463774 Aborted Here is the corresponding backtrace from GDB: (gdb) backtrace #0 0x000000314fc32215 in raise () from /lib64/libc.so.6 #1 0x000000314fc33d83 in abort () from /lib64/libc.so.6 #2 0x000000314fc72928 in __libc_message () from /lib64/libc.so.6 #3 0x000000314fcfce77 in __fortify_fail () from /lib64/libc.so.6 #4 0x000000314fcfacb0 in __chk_fail () from /lib64/libc.so.6 #5 0x000000314fcfa049 in _IO_str_chk_overflow () from /lib64/libc.so.6 #6 0x000000314fc76a46 in _IO_default_xsputn_internal () from /lib64/libc.so.6 #7 0x000000314fc47fd2 in vfprintf () from /lib64/libc.so.6 #8 0x000000314fcfa0ed in __vsprintf_chk () from /lib64/libc.so.6 #9 0x000000314fcfa030 in __sprintf_chk () from /lib64/libc.so.6 #10 0x000000000040f852 in initGblOps () at /usr/include/bits/stdio2.h:34 #11 0x0000000000406335 in main (argc=1, argv=0x7fff2852b898) at main.c:73 (gdb) Newest seems 1.0.6. vivek, would you try it? Yes I have looked into it and will give it a try and see if the bug exists and if it does will patch it up. Any progress? Ping? Pong Alive but burdened by a lot of work. Will finish off by checking with the newest gnujump by this weekend. Sorry for the delay. ping again? again ping? Pong. Sorry about the long delay. I have updated the package to the new version 1.0.6. Can someone please check if the bug exists for x86_64 for the new upstream release as well. Spec URL: http://bonii.fedorapeople.org/spec/gnujump.spec SRPM URL: http://bonii.fedorapeople.org/srpms/gnujump-1.0.6-1.fc9.src.rpm Thanks Unfortunately on my rawhide i586 machine executing gnujump rebuilt from comment 10 causes system freeze and currently I cannot figure out what is the cause.... Seems to run OK for me (F11, x86_64, binary nvidia drivers). I'll go ahead and review this package; hopefully we can get this ticket closed out before its first anniversary.
This builds OK and rpmlint is silent.
The license seems to be to be GPLv3+, not GPLv2+; most of the source files carry the usual GPLv3+ notice. SDL_rotozoom.c just says "LGPL" and SFont.c says GPLv2+, but both of those convert to GPLv3+ when linked to the rest of the code.
Nothing seems to own /usr/share/gnujump. You have "%{_datadir}/%{name}/*" in the %files list, but you should just have "%{_datadir}/%{name}/" so that the directory is owned properly instead of just whatever is inside it.
You should not pass --vendor="fedora" to desktop-file-install. https://fedoraproject.org/wiki/Packaging:Guidelines#desktop-file-install_usage
* source files match upstream. sha256sum:
3bfaac66b1429e8879e16bd7e9074ff1d6e3835a2ef1927af7d084deb186cf9d
gnujump-1.0.6.tar.gz
* package meets naming and versioning guidelines.
* specfile is properly named, is cleanly written and uses macros consistently.
* summary is OK.
* description is OK.
* dist tag is present.
* build root is OK.
X license field matches the actual license.
* license is open source-compatible.
* license text included in package.
* latest version is being packaged.
* BuildRequires are proper.
* compiler flags are appropriate.
* %clean is present.
* package builds in mock (rawhide, x86_64).
* package installs properly.
* debuginfo package looks complete.
* rpmlint is silent.
* final provides and requires are sane:
gnujump = 1.0.6-1.fc12
gnujump(x86-64) = 1.0.6-1.fc12
=
libGL.so.1()(64bit)
libSDL-1.2.so.0()(64bit)
libSDL_image-1.2.so.0()(64bit)
libSDL_mixer-1.2.so.0()(64bit)
X doesn't own all of the directories it creates.
* doesn't own any directories it shouldn't.
* no duplicates in %files.
* file permissions are appropriate.
* no generically named files
* code, not content.
* documentation is small, so no -doc subpackage is necessary.
* %docs are not necessary for the proper functioning of the package.
* no headers.
* no pkgconfig files.
* no static libraries.
* no libtool .la files.
X desktop file installed with --vendor.
The package review process needs reviewers! If you haven't done any package
reviews recently, please consider doing one.
Hi Jason,
Thanks for the review and the comments. I have cleaned up the blockers. Please find the new spec and srpm at:
Spec URL: http://bonii.fedorapeople.org/spec/gnujump.spec
SRPM URL: http://bonii.fedorapeople.org/srpms/gnujump-1.0.6-2.fc9.src.rpm
Thanks
Looks good, thanks. APPROVED Thanks for the review Jason. Thanks also to Debarshi,Jason and Victor. New Package CVS Request ======================= Package Name: gnujump Short Description: A jumping game which is a clone of xjump Owners: bonii Branches: F-10 F-11 InitialCC: bonii cvs done. gnujump-1.0.6-2.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/gnujump-1.0.6-2.fc10 gnujump-1.0.6-2.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/gnujump-1.0.6-2.fc11 Thanks to Mamoru for poking and pinging me. If someone has time maybe they can look at https://bugzilla.redhat.com/show_bug.cgi?id=469474 which has been in the review queue for quite some time. Well, comment #16 in that ticket says something interesting; it would be good for you to heed that advice. A quick bugzilla query indicates that you've submitted eight packages and have reviewed none. If that number were higher than zero then I might be willing to help, but as it is the package doesn't interest me and there are plenty of other packages to review. gnujump-1.0.6-2.fc11 has been pushed to the Fedora 11 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update gnujump'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F11/FEDORA-2009-7789 gnujump-1.0.6-2.fc10 has been pushed to the Fedora 10 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update gnujump'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F10/FEDORA-2009-7793 gnujump-1.0.6-2.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report. gnujump-1.0.6-2.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report. |