eso-midas: please remove due to FTBFS
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
eso-midas (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
Please remove eso-midas.
eso-midas FTBFS on all architectures due to a crash when running its testuite (which it does during package building), this is the issue described in https:/
This is probably due to _FORTIFY_SOURCE=3 and the issue doesn't happen on Debian it seems (no ftbfs there). It is not a spurious error though.
The crux is the following backtrace excerpt:
#7 0x00007ffff7ed39e5 in snprintf (__fmt=
Relevant code is:
for (nr=0; nr<(n2-n1)*10; nr+=10)
(void) snprintf(
The project's code is quite obscure, mostly undocumented, previous-millenium grade and even without considering all of this, is quite certainly wrong because the buffer offset (&work[nr]) moves forward due to the loop but the "88" is not decreased accordingly.
I don't understand the code or its usage enough to be confident I can produce an appropriate fix, especially since the code is structured that way in order to format values in a specific way (which is unknown to me).
For the past 10 years or so, upstream has only been doing maintenance: there was actually an update in February 2023. However there are tons of warnings about buffer overflows, especially s(n)printf-related, and the current issue flew under the radar: that's quite telling of how many problems there probably are.
It is (very) low-popcon: https:/
There are no reverse-depend besides astro-frameworks (Debian Astro Team) which Recommends it.
For completeness, I should mention there are reverse-
Contacting upstream involves using a mailing-list which you can do through an HTML form on https:/
For all of the above, I think it is appropriate to remove eso-midas. I am however unsure about preventing future syncs because a) maybe the next update will fix the issue, b) it's a slow-changing package so there won't be a lot of noise.