[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Could someone check this package (osdsh)?

On Wed, Oct 22, 2003 at 02:39:34PM +0200, Joachim Breitner wrote:

> I just became a full Debian Developer, so don't worry, you don't have to
> sponsor anything and all that goes wrong will be blamed on me...

  Congratulations :)

> Anyways I thought before I upload this package, I'd rather have it
> checked by someone (just the basics). I don't think there will be a
> problem, so this should not really be a great effort. The package is
> linitan-clean. I put the files on
> http://people.debian.org/~nomeata/osdsh_preview/ (source and i386
> binary). 

   The main source file isn't readable, so I couldnt' download it.
  But I got the tarball from the upstream site and had a quick look.

   I only see a couple of "issues" and they are mostly with the upstream:

 1. The code compiles with -O3 not -O2 which I think is the
    suggested value.

 2. The osdctl binary segfaults on excessive command line args.
    (Unbounded sprintf's in src/osdctl/osdctl.c).

 3. The first line of the description reads:
 	"Overlays your screen with various system informations"
    I'd remove that trailing "s", to read "system information".

 4. The long discription could be cleaned a little too...

  All in all a good job for a first attempt :)

Steve
--
# Debian Security Audit Project
http://www.steve.org.uk/Debian/
Reply to: