[Rpm-maint] [rpm-software-management/rpm] invalid memory read in rstreqn / rpmdsNewPool (#137)

Panu Matilainen notifications at github.com
Fri Feb 17 20:13:22 UTC 2017


It'll cleanly fail on signature checking (rpm -K) however, which is what you're supposed to do for unknown packages before even considering installation. That's usually considered the minimal criteria for rpm.

The underlying issue here is that practically ALL of rpm assumes tags are of the correct type, and funky segfaults happen when they're not. There are countless variations of the theme; most of the other cases in this report batch have similar issues but also happen to have something else that will cause them to fail earlier. Making all of rpm check for tag types and return codes for all retrievals, modifications, etc. is a colossal task and is just not going to happen in a 0.1 release.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/137#issuecomment-280754595
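
The tag-type assumption described in the message above, as an added example that is not part of the original message and is not rpm's code: a self-contained C model of a retrieval routine that checks an entry's stored type, claimed count and data bounds before treating the data as strings. The structures, tag numbers, return codes and function names are hypothetical, and the sample entries are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical model of a header entry; not rpm's real structures or API. */
enum tag_type { T_INT32 = 4, T_STRING_ARRAY = 8 };
enum get_rc { GET_OK, GET_NOTFOUND, GET_BADTYPE, GET_BADDATA };
struct entry {
    uint32_t tag;
    enum tag_type type;          /* type claimed by the untrusted file */
    uint32_t count;              /* number of strings claimed */
    const void *data; size_t len; /* len = bytes actually backing data */
};

/* Return string idx of a string-array tag; type, count and bounds are checked. */
static enum get_rc get_string(const struct entry *e, size_t n, uint32_t tag,
                              uint32_t idx, const char **out)
{
    for (size_t i = 0; i < n; i++) {
        if (e[i].tag != tag) continue;
        if (e[i].type != T_STRING_ARRAY) return GET_BADTYPE;
        if (e[i].data == NULL || idx >= e[i].count) return GET_BADDATA;
        const char *p = e[i].data, *end = p + e[i].len;
        for (uint32_t k = 0; p < end; k++) {
            const char *nul = memchr(p, '\0', (size_t)(end - p));
            if (nul == NULL) break;            /* unterminated string */
            if (k == idx) { *out = p; return GET_OK; }
            p = nul + 1;
        }
        return GET_BADDATA;                    /* count exceeds real data */
    }
    return GET_NOTFOUND;
}

/* Constructed sample: tag 1001 stores an INT32 where strings are expected. */
static const char names[] = "glibc\0bash";
static const uint32_t bogus = 0x41414141;
static const struct entry sample[] = {
    { 1000, T_STRING_ARRAY, 2, names, sizeof names },
    { 1001, T_INT32, 1, &bogus, sizeof bogus },
};

int main(void)
{
    const char *s = "(none)";
    enum get_rc rc = get_string(sample, 2, 1000, 1, &s);
    printf("tag 1000[1]: rc=%d value=%s\n", (int)rc, s);
    printf("tag 1001[0]: rc=%d\n", (int)get_string(sample, 2, 1001, 0, &s));
    return 0;
}
```

The mistyped entry is rejected with a return code instead of its integer payload being walked as a string list, which is the per-retrieval check the message says rpm largely lacks.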