From Bugzilla Helper: User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.4.2-2 i686) After (e.g.) 'rpm -qa' command, on the last line, rpm complains "memory alloc (28 bytes) returned NULL." This seems to also affect up2date operations, up2date also crashes and reports the same "memory alloc (28 bytes) returned NULL.". It might be that the RPM database is somehow corrupted, at some point I remember having two instances of one package when doing 'rpm -qa', I managed to remove all of the instances, but it might be that the database is still broken. I tried doing 'rpm --rebuilddb', no use, problem persists. Reproducible: Always Steps to Reproduce: 1. rpm -qa 2. or, try to use up2date Actual Results: "memory alloc (28 bytes) returned NULL." Expected Results: no error messages
Where is the security problem?
DoS. Security updates available through up2date cannot be applied since up2date does not work. Denial of Service.
The error message indicates that malloc is failing. This is usually not an rpm problem. rpm prints an error message and exits rather than segfaulting when malloc returns a NULL pointer. You might look carefully at your kernel, as there have been known file system corruption problems in early 2.4 kernels that show up as rpm database corruption problems. Marking as NOTABUG because I don't see a problem with rpm exiting because malloc returns a NULL pointer rather than segfaulting, and the real problem is that malloc is returning a NULL pointer for reasons unknown.