You're receiving this bug because the package in Summary has produced _FORTIFY_SOURCE related warnings indicating the presence of a sure overflow in a static buffer.
Even though this is not always an indication of a security problem it might even be. So please check this out ASAP.
By the way, _FORTIFY_SOURCE is disabled when you disable optimisation, so don't try finding out the cause using -O0.
Your friendly neighborhood tinderboxer
Created attachment 250511 [details]
Created attachment 250519 [details, diff]
Patch to trackballs-1.1.4.ebuild to fix _FORTIFY_SOURCE issue and snprintf non-literal format issues
This adds sed statements to fix the following upstream issues:
- Use of wrong variable in a sizeof() in src/enterHighScoreMode.cc caused a _FORTIFY_SOURCE warning.
- Use of non-literal with no format arguments in src/editMode.cc and src/map.cc. This has the potential to cause the program to dereference invalid pointers or otherwise generate unwanted strings. In the worst case, use of a %n would cause glibc to abort the program as a security precaution. The sed calls convert from:
snprintf(X, sizeof(X), VAR)
snprintf(X, sizeof(X), "%s", VAR)
This should produce equivalent behavior in the normal case where no format escapes were used, and will prevent misbehavior in the bad case where a format escape is introduced.