Version-Release number of selected component: rpm version 3.06 How reproducible: Take a valid rpm package and change the byte at offset 0x4F from 0x05 to 0x00. Running "rpm -i <packagename>" will result in segfault. If you do "rpm -qp <packagename>" you will get "-(null)-(null)" as output. Similarly, changing the byte at offset 0x04 to 0x02 will result in "memory alloc returned NULL." when "rpm -i <packagename>" is run. Interestingly, "rpm --checksig <packagename>" is still happy with this packet. Expected results: rpm should report a broken archive.
This is rpm-3.0.6? Dead and gone, no support. Please reopen this bug if not rpm-3.0.6.