Hello, the easiest way to reproduce the problem is to run `./mergebad -s`.
The mergebad utility doesn't check the number of required arguments and crashes, because NULL is passed to atoll() at: mergebad.c:315: length = atoll(argv[++loop]); I've prepared the quick-fix patch [1]. With minimum changes it adds checking of arguments number. The full solution would be to use getopt(), the same way as in the recoverdm.c. [1] https://salsa.debian.org/pkg-security-team/recoverdm/blob/debian/master/debian/patches/30-fix-BTS-mergebad-crash.patch Best wishes, Aleksey