From 8a02be2d436318e96e08b1289f966b316ca7b879 Mon Sep 17 00:00:00 2001
From: Jindrich Novy <jnovy@redhat.com>
Date: Wed, 16 Mar 2011 15:03:27 +0100
Subject: [PATCH] - fix crash in package manifest check (#688091)

---
 rpm-4.9.0-manifest-fix.patch | 11 +++++++++++
 rpm.spec                     |  8 +++++++-
 2 files changed, 18 insertions(+), 1 deletion(-)
 create mode 100644 rpm-4.9.0-manifest-fix.patch

diff --git a/rpm-4.9.0-manifest-fix.patch b/rpm-4.9.0-manifest-fix.patch
new file mode 100644
index 0000000..96d71db
--- /dev/null
+++ b/rpm-4.9.0-manifest-fix.patch
@@ -0,0 +1,11 @@
+diff -up rpm-4.9.0/lib/manifest.c.manifest-fix rpm-4.9.0/lib/manifest.c
+--- rpm-4.9.0/lib/manifest.c.manifest-fix	2010-12-03 13:11:57.000000000 +0100
++++ rpm-4.9.0/lib/manifest.c	2011-03-16 14:54:49.502557299 +0100
+@@ -96,6 +96,7 @@ rpmRC rpmReadPackageManifest(FD_t fd, in
+ 
+ 	/* Sanity checks: skip obviously binary lines and dash (for stdin) */
+ 	if (*s < 32 || rstreq(s, "-")) {
++	    s = NULL;
+ 	    rpmrc = RPMRC_NOTFOUND;
+ 	    goto exit;
+ 	}
diff --git a/rpm.spec b/rpm.spec
index 700f084..d59a70e 100644
--- a/rpm.spec
+++ b/rpm.spec
@@ -21,7 +21,7 @@
 Summary: The RPM package management system
 Name: rpm
 Version: %{rpmver}
-Release: %{?snapver:0.%{snapver}.}1%{?dist}
+Release: %{?snapver:0.%{snapver}.}2%{?dist}
 Group: System Environment/Base
 Url: http://www.rpm.org/
 Source0: http://rpm.org/releases/rpm-4.8.x/%{name}-%{srcver}.tar.bz2
@@ -38,6 +38,8 @@ Patch2: rpm-4.8.90-fedora-specspo.patch
 Patch3: rpm-4.8.0-no-man-dirs.patch
 # gnupg2 comes installed by default, avoid need to drag in gnupg too
 Patch4: rpm-4.8.1-use-gpg2.patch
+# do not try to free and unallocated variable (#688091)
+Patch5: rpm-4.9.0-manifest-fix.patch
 
 # Patches already in upstream
 
@@ -204,6 +206,7 @@ packages on a system.
 %patch2 -p1 -b .fedora-specspo
 %patch3 -p1 -b .no-man-dirs
 %patch4 -p1 -b .use-gpg2
+%patch5 -p1 -b .manifest-fix
 
 %patch301 -p1 -b .niagara
 %patch302 -p1 -b .geode
@@ -418,6 +421,9 @@ exit 0
 %doc COPYING doc/librpm/html/*
 
 %changelog
+* Wed Mar 16 2011 Jindirch Novy <jnovy@redhat.com> - 4.9.0-2
+- fix crash in package manifest check (#688091)
+
 * Wed Mar 02 2011 Panu Matilainen <pmatilai@redhat.com> - 4.9.0-1
 - update to 4.9.0 final
 - drop upstreamed patches