Bug 742499 - Segmentation fault for fuzzed rpm
Summary: Segmentation fault for fuzzed rpm
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: rpm
Version: 6.2
Hardware: All
OS: Linux
Priority: low
Severity: low
Target Milestone: rc
Assignee: Panu Matilainen
QA Contact: BaseOS QE Security Team
URL:
Whiteboard:
Depends On:
Blocks: 743203
Reported: 2011-09-30 10:23 UTC by Petr Sklenar
Modified: 2011-12-06 18:18 UTC

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 743203
Environment:
Last Closed: 2011-12-06 18:18:42 UTC
Target Upstream Version:


Attachments
corrupted rpm (2.45 KB, application/x-redhat-package-manager)
2011-09-30 10:23 UTC, Petr Sklenar


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2011:1737 0 normal SHIPPED_LIVE rpm bug fix and enhancement update 2011-12-06 01:01:53 UTC

Description Petr Sklenar 2011-09-30 10:23:01 UTC
Created attachment 525758
corrupted rpm

Description of problem:
Segmentation fault when installing a corrupted rpm

Version-Release number of selected component (if applicable):
rpm-4.8.0-16.el6.i686
this is not a regression

How reproducible:
deterministic

Steps to Reproduce:
1. have any rpm
2. use fuzzing to corrupt such an rpm
3. install the corrupted rpm
  
Actual results:
Segmentation fault

Expected results:
a nice error, like:
error: nothing.rpm: headerRead failed: Header sanity check: OK
error: nothing.rpm cannot be installed
error: package nothing is not installed

Additional info:
rpm -Uvh nothing.rpm
Segmentation fault
Freeing read locks for locker 0x19fcf: 18350/3078379296
Freeing read locks for locker 0x19fd1: 18350/3078379296
error: package nothing is not installed

rpm -K nothing.rpm 
Freeing read locks for locker 0x19fd5: 19165/3079169824
Freeing read locks for locker 0x19fd7: 19165/3079169824
Segmentation fault

Comment 3 Panu Matilainen 2011-09-30 12:35:28 UTC
ACK, and FWIW fixed upstream now.

Comment 10 errata-xmlrpc 2011-12-06 18:18:42 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1737.html

