Package: aptitude Version: 0.8.12
Source: aptitude I downloaded the newest source code from:http://deb.debian.org/debian/pool/main/a/aptitude/aptitude_0.8.12.orig.tar.xz. The bug lies in src/generic/util/sqlite.cc:201-202: 201: int result = sqlite3_exec(handle, sql.c_str(), 202: callback, data, &msg); According to libsqlite3 API document of 'sqlite3_exec': "To avoid memory leaks, the application should invoke sqlite3_free() on error message strings returned through the 5th parameter of sqlite3_exec() after the error message string is no longer needed." So this is potential memory leak, and the patch should be: 208: if(result != SQLITE_OK || msg != NULL) 209: throw exception(errmsg, result); 210:+ if(msg) 211:+ sqlite3_free(msg)
