Bug 4651

Summary: Bad command line arguments cause a core dump :-(
Product: [Retired] Red Hat Linux Reporter: Sam Varshavchik <mrsam>
Component: rpmAssignee: Jeff Johnson <jbj>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: 6.0   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 1999-08-23 23:11:52 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Sam Varshavchik 1999-08-22 18:47:08 UTC 
[mrsam@gwl mrsam]$ rpm -q rpm
rpm-3.0.2-6.0
[mrsam@gwl mrsam]$ cat $HOME/.rpmmacros
%_topdir        /home/mrsam/src/rpm
%_pgpbin        /usr/local/bin/pgp
%_pgp_path      /home/mrsam/.pgp
%_signature     pgp
%_pgp_name      mrsam
[mrsam@gwl mrsam]$ ls $HOME/.pgp
config.txt  pubring.bak  randseed.bin  secring.pgp
keys.pgp    pubring.pgp  secring.bak
[mrsam@gwl mrsam]$ rpm -ba --sign
Segmentation fault (core dumped)
Comment 1 Jeff Johnson 1999-08-23 16:53:59 UTC 
I cannot reproduce this bug without more information.

What argument/macro is causing the segfault?
Comment 2 Jeff Johnson 1999-08-23 16:54:59 UTC 
I cannot reproduce this bug without more information.

What argument/macro is causing the segfault?
Comment 3 Anonymous 1999-08-23 21:32:59 UTC 
Apparently the core dump occurs because of the -ba flag without any
actual spec file given, and both -ba and --sign must be present as
well.

rpm -ba results in an error message.

rpm --sign results in an error message.

rpm -ba --sign results in a core dump.

Tail end of strace:

open("/usr/lib/rpm/i686-linux/macros", O_RDONLY) = -1 ENOENT (No such
file or directory)
open("/etc/rpm/macros", O_RDONLY)       = -1 ENOENT (No such file or
directory)
open("/etc/rpm/i686-linux/macros", O_RDONLY) = -1 ENOENT (No such file
or directory)
open("/home/mrsam/.rpmmacros", O_RDONLY) = 3
fstat(3, {st_mode=032760, st_size=0, ...}) = 0
mmap(0, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
= 0x40000000
read(3, "%_topdir\t/home/mrsam/src/rpm\n%"..., 4096) = 104
read(3, "", 4096)                       = 0
close(3)                                = 0
munmap(0x40000000, 4096)                = 0
--- SIGSEGV (Segmentation fault) ---
+++ killed by SIGSEGV +++
Comment 4 Anonymous 1999-08-23 22:02:59 UTC 
Here's why rpm is dumping core:

rpm.c, line 1125, function call to poptGetArgs

In function poptGetArgs (popt.c line 487):

   The first if statement evaluates to true, causing the function to
return NULL.

rpm.c, line 1125, argv gets set to NULL.

rpm.c, line 1126:

     while (*argv)

BOOM!!!!!!!
Comment 5 Jeff Johnson 1999-08-23 23:11:59 UTC 
This will be fixed in rpm-3.0.3-0.18. Thanks for the analysis.