Bug 176858 - "*** glibc detected *** double free or corruption (fasttop)" on bad rpmbuild source package
"*** glibc detected *** double free or corruption (fasttop)" on bad rpmbuild ...
Product: Fedora
Classification: Fedora
Component: rpm (Show other bugs)
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Paul Nasrat
Mike McLean
Depends On:
  Show dependency treegraph
Reported: 2006-01-03 15:51 EST by development--bugzilla.redhat.com
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-01-06 06:44:22 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
The patch to make a test case "wxGTK-" out of a correct "wxGTK-" (508.57 KB, application/octet-stream)
2006-01-03 15:55 EST, development--bugzilla.redhat.com
no flags Details

  None (edit)
Description development--bugzilla.redhat.com 2006-01-03 15:51:22 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8) Gecko/20051219 SeaMonkey/1.0b

Description of problem:
If rpmbuild is invoked with a wrong source package (a source package which contains bit errors), rpmbuild may abort with this output:

*** glibc detected *** double free or corruption (fasttop): 0x080952a0 ***

Apparently, rpmbuild does not detect the errorneous nature of the input data and does something it should never do on any input (e.g. double free or corruption).

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Download http://suse.mirrors.tds.net/pub/opensuse/distribution/SL-10.0-OSS/inst-source/suse/src/wxGTK-
2. Apply the attached file "wxGTK-" using the command "xdelta patch wxGTK- wxGTK- wxGTK-"
3. Run "rpmbuild --rebuild wxGTK-"

Actual Results:  rpmbuild's output is:

Installing wxGTK-
*** glibc detected *** double free or corruption (fasttop): 0x080952a0 ***

Expected Results:  rpmbuild should invoke the build process fine.

Additional info:

Although I'm an OpenSuSE user, I'm reporting here, because "rpm.org" points to this bugzilla instance for reporting rpm bugs. I'm not reporting at the OpenSuSE bugzilla, because Novell requires me to enclose too much private information. I believe that this bug applies to every RPM i386 distribution.

I reproduced the problem using this rpm binary: http://suse.mirrors.tds.net/pub/opensuse/distribution/SL-10.0-OSS/inst-source/suse/src/rpm-4.1.1-222.src.rpm

I'm not attaching the complete test case file "wxGTK-", as it is 14000669 bytes long.

The files used in reproduction should have following md5sums:

bdbe2a58f813a99d16c83c467b1cace5  wxGTK-
b11d23efe2ac7a4b3a17311600d16cb6  wxGTK-
140c65795f6717a859da4f2183bbc6f7  wxGTK-
Comment 1 development--bugzilla.redhat.com 2006-01-03 15:55:05 EST
Created attachment 122724 [details]
The patch to make a test case "wxGTK-" out of a correct "wxGTK-"

This is an xdelta patch, as ordinary "diff" patches are not suitable for binary

If you have problems, I may also post the full
"wxGTK-" file (which is about 14 MB long).
Comment 2 Jeff Johnson 2006-01-06 06:44:22 EST
rpm-4.1.1 (and later) has the ability to verify signatures and/or digests of the package before attempting 
processing (where the double free is occurring).

Whether SuSE or users wish to enable and use that feature is not an rpm problem.
Comment 3 development--bugzilla.redhat.com 2006-01-07 12:26:49 EST
Did you try the test case before declarng "WORKSFORME"?

Note You need to log in before you can comment on or make changes to this bug.