Bug 2025386

Summary: [covscan] gssd/krb5_util.c fix the newly introduced defects of incompatible_cast
Product: Red Hat Enterprise Linux 8 Reporter: Yongcheng Yang <yoyang>
Component: nfs-utilsAssignee: Steve Dickson <steved>
Status: CLOSED WONTFIX QA Contact: Yongcheng Yang <yoyang>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 8.5CC: steved, xzhou
Target Milestone: betaKeywords: Patch, Triaged
Target Release: ---Flags: pm-rhel: mirror+
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1988283 Environment:
Last Closed: 2023-05-22 07:28:37 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1988283    
Bug Blocks:    

Description Yongcheng Yang 2021-11-22 03:19:13 UTC 
This is to track the INCOMPATIBLE_CAST issue.


Description of problem:
Then new version nfs-utils-2.3.3-44.el8 via bz1961056 introduces 2 more defects which looks like need to be fix. Please help have a look and check them.

https://cov01.lab.eng.brq.redhat.com/covscanhub/waiving/76192/206104/#defects

The first one has been fixed via Bug #1988283
...

The second one:
 1. nfs-utils-2.3.3/utils/gssd/krb5_util.c:400: incompatible_cast: Pointer "&ple->endtime" points to an object whose effective type is "int" (32 bits, signed) but is dereferenced as a wider "long" (64 bits, signed). This may lead to memory corruption. 

#   398|   	if (ple->ccname && ple->endtime > now && !nocache) {
#   399|   		printerr(3, "%s(0x%lx): Credentials in CC '%s' are good until %s",
#   400|-> 			 __func__, tid, ple->ccname, ctime((time_t *)&ple->endtime));
#   401|   		code = 0;
#   402|   		pthread_mutex_unlock(&ple_lock);


Version-Release number of selected component (if applicable):
nfs-utils-2.3.3-46.el8

How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:
Comment 4 RHEL Program Management 2023-05-22 07:28:37 UTC 
After evaluating this issue, there are no plans to address it further or fix it in an upcoming release.  Therefore, it is being closed.  If plans change such that this issue will be fixed in an upcoming release, then the bug can be reopened.