RPM

Comment 19 for bug 910708

Anton Kirilenko (anton-kirilenko) wrote :

It looks like I've found a solution. Structure *rpmhkp_s* has some fields which are in fact private variables for the function rpmhkpValidate from rpmio/rpmhkp.c. At the moment of the first call these fields are initialized with -1. When this function is executed the second time (to check the second package), these fields are not reinitialized and have some values that can affect the validation of the package.

For example (look at rpmhkp.c:1010), field *tvalid* has the last value of *thistime* of pkt. Every pkt's *thistime* has to be greater than the previous one. But the *tvalid* comes from the previous package (it's not 0)! It causes pkt rejection and uvalidx is not updated (in the next line). At the end of the function (line 1058) we check (hkp->uidx >= 0 && hkp->uidx < hkp->npkts) is True and get hkp->pkts[hkp->uvalidx], where uvalidx is given from the previous package. Here is the segfault :)
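The stale-state pattern described in this comment, reduced to an added C example that is not part of the original comment and is not rpm's code. The struct, function names and packet timestamps are hypothetical and constructed; `validate` returns the selected index instead of dereferencing it, so the out-of-range value can be observed safely.

```c
/* Hypothetical names throughout; this is not rpm's struct rpmhkp_s. */
struct pkt { long thistime; };

struct keyring {
    int npkts;     /* number of packets in the package being checked */
    /* Scratch state that really belongs to a single validate() call. */
    long tvalid;   /* newest timestamp accepted so far */
    int uvalidx;   /* index of the newest accepted packet, -1 if none */
};

static void keyring_init(struct keyring *k) {
    k->npkts = 0;
    k->tvalid = -1;
    k->uvalidx = -1;
}

/* Returns the index of the selected packet, or -1 if none was accepted.
 * reset_state == 0 reproduces the stale-state behaviour described above. */
static int validate(struct keyring *k, const struct pkt *pkts, int npkts,
                    int reset_state) {
    k->npkts = npkts;
    if (reset_state) {          /* fix 1: per-call state starts fresh */
        k->tvalid = -1;
        k->uvalidx = -1;
    }
    for (int i = 0; i < npkts; i++) {
        if (pkts[i].thistime <= k->tvalid)
            continue;           /* rejected: not newer than tvalid */
        k->tvalid = pkts[i].thistime;
        k->uvalidx = i;
    }
    return k->uvalidx;
}

/* fix 2: range-check the index that is actually used to read pkts[]. */
static int index_is_safe(const struct keyring *k, int idx) {
    return idx >= 0 && idx < k->npkts;
}

/* Constructed sample data: package A has 3 packets, B has 1 older packet. */
static const struct pkt PKG_A[] = { {100}, {200}, {300} };
static const struct pkt PKG_B[] = { {150} };

/* Validates A, then B, on one reused keyring; returns B's selected index. */
static int second_call_index(int reset_state) {
    struct keyring k;
    keyring_init(&k);
    validate(&k, PKG_A, 3, reset_state);
    return validate(&k, PKG_B, 1, reset_state);
}
```

Without the reset, the second call returns index 2 for a one-packet array; with the reset it returns 0.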