When rpmReadPackageHeader is called for a corrupt or 0 sized
package (touch bla-1.1-1.i386.rpm does nicely), it doesn't
signal an error. According to the docs (Maximum RPM) it
should return 0 when succesful, 1 when it finds bad magic
numbers, and 2 when another error occurs. When calling
rpmReadPackageHeader on the empty rpm, it returns 0, and it
sets the isSource flag. When headerFree is called on the
resulting Header variable, it segfaults.
This program prints "rc 1" using rpm-2.93-1 on sparc Red Hat 5.2.
A perusal of the latest rpm-2.5.x sources indicates that 1 is
what would be expected.
fd = fdOpen("/tmp/foo.src.rpm", 0, 0);
rc = rpmReadPackageHeader(fd, &h, &isSource, NULL, NULL);
printf("rc %d\n", rc, isSource);
You're absolutely right. I interpreted the code wrong. Sorry 'bout