git: a6b19979bf13 - main - tzcode: Fix TZ for non-setugid programs

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Dag-Erling Smørgrav <des_at_FreeBSD.org>
Date: Fri, 22 Aug 2025 07:23:12 UTC
The branch main has been updated by des:

URL: https://cgit.FreeBSD.org/src/commit/?id=a6b19979bf13055da5f24d1f240f2acddb35eeac

commit a6b19979bf13055da5f24d1f240f2acddb35eeac
Author:     Dag-Erling Smørgrav <des@FreeBSD.org>
AuthorDate: 2025-08-22 07:22:17 +0000
Commit:     Dag-Erling Smørgrav <des@FreeBSD.org>
CommitDate: 2025-08-22 07:22:17 +0000

    tzcode: Fix TZ for non-setugid programs
    
    The previous commit had the desired effect for setugid programs, but
    broke TZ for everyone else.  I didn't notice because my test cases
    swap out /etc/localtime instead of setting TZ, so add a test case
    that sets TZ.
    
    Fixes:          b6ea2513f776 ("tzcode: Limit TZ for setugid programs")
    Reviewed by:    cy
    Differential Revision:  https://reviews.freebsd.org/D52108
---
 contrib/tzcode/localtime.c                      | 11 +++--
 lib/libc/tests/stdtime/detect_tz_changes_test.c | 61 +++++++++++++++++--------
 2 files changed, 48 insertions(+), 24 deletions(-)

diff --git a/contrib/tzcode/localtime.c b/contrib/tzcode/localtime.c
index 1a01db931cab..0fe7f1ed3f64 100644
--- a/contrib/tzcode/localtime.c
+++ b/contrib/tzcode/localtime.c
@@ -535,21 +535,22 @@ tzloadbody(char const *name, struct state *sp, bool doextend,
 	}
 	if (doaccess && access(name, R_OK) != 0)
 	  return errno;
+	fid = _open(name, O_RDONLY | O_BINARY);
 #else /* __FreeBSD__ */
-        if (issetugid()) {
+        {
           const char *relname = name;
           if (strncmp(relname, TZDIR "/", strlen(TZDIR) + 1) == 0)
             relname += strlen(TZDIR) + 1;
           int dd = _open(TZDIR, O_DIRECTORY | O_RDONLY);
           if (dd < 0)
             return errno;
-          fid = _openat(dd, relname, O_RDONLY | O_BINARY, AT_RESOLVE_BENEATH);
+          fid = _openat(dd, relname, O_RDONLY | O_BINARY,
+                        issetugid() ? AT_RESOLVE_BENEATH : 0);
           serrno = errno;
           _close(dd);
           errno = serrno;
-        } else
-#endif
-	fid = _open(name, O_RDONLY | O_BINARY);
+        }
+#endif /* __FreeBSD__ */
 	if (fid < 0)
 	  return errno;
 
diff --git a/lib/libc/tests/stdtime/detect_tz_changes_test.c b/lib/libc/tests/stdtime/detect_tz_changes_test.c
index 9722546747fd..75f55bdede04 100644
--- a/lib/libc/tests/stdtime/detect_tz_changes_test.c
+++ b/lib/libc/tests/stdtime/detect_tz_changes_test.c
@@ -20,6 +20,26 @@
 
 #include <atf-c.h>
 
+static const struct tzcase {
+	const char *tzfn;
+	const char *expect;
+} tzcases[] = {
+	/*
+	 * A handful of time zones and the expected result of
+	 * strftime("%z (%Z)", tm) when that time zone is active
+	 * and tm represents a date in the summer of 2025.
+	 */
+	{ "America/Vancouver",	"-0700 (PDT)"	},
+	{ "America/New_York",	"-0400 (EDT)"	},
+	{ "Europe/London",	"+0100 (BST)"	},
+	{ "Europe/Paris",	"+0200 (CEST)"	},
+	{ "Asia/Kolkata",	"+0530 (IST)"	},
+	{ "Asia/Tokyo",		"+0900 (JST)"	},
+	{ "Australia/Canberra",	"+1000 (AEST)"	},
+	{ "UTC",		"+0000 (UTC)"	},
+	{ 0 },
+};
+
 static const time_t then = 1751328000; /* 2025-07-01 00:00:00 UTC */
 static const char *tz_change_interval_sym = "__tz_change_interval";
 static int *tz_change_interval_p;
@@ -91,25 +111,6 @@ ATF_TC_HEAD(detect_tz_changes, tc)
 }
 ATF_TC_BODY(detect_tz_changes, tc)
 {
-	static const struct tzcase {
-		const char *tzfn;
-		const char *expect;
-	} tzcases[] = {
-		/*
-		 * A handful of time zones and the expected result of
-		 * strftime("%z (%Z)", tm) when that time zone is active
-		 * and tm represents a date in the summer of 2025.
-		 */
-		{ "America/Vancouver",	"-0700 (PDT)"	},
-		{ "America/New_York",	"-0400 (EDT)"	},
-		{ "Europe/London",	"+0100 (BST)"	},
-		{ "Europe/Paris",	"+0200 (CEST)"	},
-		{ "Asia/Kolkata",	"+0530 (IST)"	},
-		{ "Asia/Tokyo",		"+0900 (JST)"	},
-		{ "Australia/Canberra",	"+1000 (AEST)"	},
-		{ "UTC",		"+0000 (UTC)"	},
-		{ 0 },
-	};
 	char obuf[1024] = "";
 	char ebuf[1024] = "";
 	struct pollfd fds[3];
@@ -272,10 +273,32 @@ ATF_TC_BODY(detect_tz_changes, tc)
 	ATF_REQUIRE_EQ(0, WEXITSTATUS(status));
 }
 
+ATF_TC(tz_env);
+ATF_TC_HEAD(tz_env, tc)
+{
+	atf_tc_set_md_var(tc, "descr", "Test TZ environment variable");
+}
+ATF_TC_BODY(tz_env, tc)
+{
+	char buf[128];
+	const struct tzcase *tzcase = NULL;
+	struct tm *tm;
+	size_t len;
+
+	for (tzcase = tzcases; tzcase->tzfn != NULL; tzcase++) {
+		setenv("TZ", tzcase->tzfn, 1);
+		ATF_REQUIRE((tm = localtime(&then)) != NULL);
+		len = strftime(buf, sizeof(buf), "%z (%Z)", tm);
+		ATF_REQUIRE(len > 0);
+		ATF_REQUIRE_STREQ(tzcase->expect, buf);
+	}
+}
+
 ATF_TP_ADD_TCS(tp)
 {
 	debugging = !getenv("__RUNNING_INSIDE_ATF_RUN") &&
 	    isatty(STDERR_FILENO);
 	ATF_TP_ADD_TC(tp, detect_tz_changes);
+	ATF_TP_ADD_TC(tp, tz_env);
 	return (atf_no_error());
 }