Bug 2150611

Summary: getnetconfig.c: Improper waiting time on a proper value for getnetconfigent()
Product: Red Hat Enterprise Linux 9 Reporter: Zhi Li <yieli>
Component: libtirpcAssignee: Steve Dickson <steved>
Status: VERIFIED --- QA Contact: Zhi Li <yieli>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 9.3CC: xzhou, yoyang
Target Milestone: rcKeywords: Patch, Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: libtirpc-1.3.3-2.el9 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Zhi Li 2022-12-04 12:56:04 UTC 
Description of problem:

By adapting CodeChecker for libtirpc related tests, it complains an improper waiting time for function getnetconfigent with a valid input value, either it should be treated as a wrong input or just take it as a proper value without sleeping:

 419 struct netconfig *
 420 getnetconfigent(netid)
 421         const char *netid;
 422 {
 423     FILE *file;         /* NETCONFIG db's file pointer */
 424     char *linep;        /* holds current netconfig line */
 425     char *stringp;      /* temporary string pointer */
 426     struct netconfig *ncp = NULL;   /* returned value */
 427     struct netconfig_list *list;        /* pointer to cache list */
 428 
 429     nc_error = NC_NOTFOUND;     /* default error. */
 430     if (netid == NULL || strlen(netid) == 0) {
 431         return (NULL);
 432     }
 433 
 434     if (strcmp(netid, "unix") == 0) {
 435         fprintf(stderr, "The local transport is called \"unix\" ");
 436         fprintf(stderr, "in /etc/netconfig.\n");
 437         fprintf(stderr, "Please change this to \"local\" manually ");
 438         fprintf(stderr, "or run mergemaster(8).\n");
 439         fprintf(stderr, "See UPDATING entry 20021216 for details.\n");
 440         fprintf(stderr, "Continuing in 10 seconds\n\n");
 441         fprintf(stderr, "This warning will be removed 20030301\n");
 442         sleep(10);
 443 
 444     }

http://git.linux-nfs.org/?p=steved/libtirpc.git;a=blob;f=src/getnetconfig.c;h=cfd33c24523be2f327a1ac1d3b2116556f591b99;hb=HEAD#l442


Version-Release number of selected component (if applicable):
libtirpc-1.3.3-1.el9
Comment 1 Steve Dickson 2023-01-11 16:24:24 UTC 
commit f7f0abdf267698de3f74a0285405b1b01f40893b
Author: Zhi Li <yieli>
Date:   Wed Jan 11 11:19:31 2023 -0500

    getnetconfigent: avoid potential DoS issue by removing unnecessary sleep