Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 2150611

Summary: getnetconfig.c: Improper waiting time on a proper value for getnetconfigent()
Product: Red Hat Enterprise Linux 9 Reporter: Zhi Li <yieli>
Component: libtirpcAssignee: Steve Dickson <steved>
Status: CLOSED ERRATA QA Contact: Zhi Li <yieli>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 9.3CC: xzhou, yoyang
Target Milestone: rcKeywords: Patch, Triaged
Target Release: ---Flags: pm-rhel: mirror+
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: libtirpc-1.3.3-2.el9 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-11-07 08:55:04 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Zhi Li 2022-12-04 12:56:04 UTC 
Description of problem:

By adapting CodeChecker for libtirpc related tests, it complains an improper waiting time for function getnetconfigent with a valid input value, either it should be treated as a wrong input or just take it as a proper value without sleeping:

 419 struct netconfig *
 420 getnetconfigent(netid)
 421         const char *netid;
 422 {
 423     FILE *file;         /* NETCONFIG db's file pointer */
 424     char *linep;        /* holds current netconfig line */
 425     char *stringp;      /* temporary string pointer */
 426     struct netconfig *ncp = NULL;   /* returned value */
 427     struct netconfig_list *list;        /* pointer to cache list */
 428 
 429     nc_error = NC_NOTFOUND;     /* default error. */
 430     if (netid == NULL || strlen(netid) == 0) {
 431         return (NULL);
 432     }
 433 
 434     if (strcmp(netid, "unix") == 0) {
 435         fprintf(stderr, "The local transport is called \"unix\" ");
 436         fprintf(stderr, "in /etc/netconfig.\n");
 437         fprintf(stderr, "Please change this to \"local\" manually ");
 438         fprintf(stderr, "or run mergemaster(8).\n");
 439         fprintf(stderr, "See UPDATING entry 20021216 for details.\n");
 440         fprintf(stderr, "Continuing in 10 seconds\n\n");
 441         fprintf(stderr, "This warning will be removed 20030301\n");
 442         sleep(10);
 443 
 444     }

http://git.linux-nfs.org/?p=steved/libtirpc.git;a=blob;f=src/getnetconfig.c;h=cfd33c24523be2f327a1ac1d3b2116556f591b99;hb=HEAD#l442


Version-Release number of selected component (if applicable):
libtirpc-1.3.3-1.el9
Comment 1 Steve Dickson 2023-01-11 16:24:24 UTC 
commit f7f0abdf267698de3f74a0285405b1b01f40893b
Author: Zhi Li <yieli>
Date:   Wed Jan 11 11:19:31 2023 -0500

    getnetconfigent: avoid potential DoS issue by removing unnecessary sleep
Comment 20 errata-xmlrpc 2023-11-07 08:55:04 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (libtirpc bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2023:6656