From 9d187dd4ad11f857386881db032d7e71ad26f47c Mon Sep 17 00:00:00 2001
From: Ulrich Drepper <drepper@redhat.com>
Date: Fri, 24 Jan 1997 02:23:54 +0000
Subject: update from main archive 970122

1997-01-23  Paul Eggert  <eggert@twinsun.com>

	* mktime.c (mktime): Invoke __tzset, not __tzset_internal, to set tz,
	so that tzname is set as POSIX requires.

Fri Jan 24 02:49:18 1997  Ulrich Drepper  <drepper@cygnus.com>

	* dirent/dirent.h: Declare readdir_r also when __USE_POSIX.
	* grp/grp.h: Declare *_r functions also when __USE_POSIX.
	* pwd/pwd.h: Likewise.
	* time/time.h: Likewise.
	* posix/unistd.h: Declare ttyname_r also when __USE_POSIX.
	* string/string.h: Declare strtok_r also when __USE_POSIX.

	* stdio-common/bug7.c: Use tmpnam to generate names for test files.

	* stdio-common/tmpnam.c: Update copyright.
	* stdio-common/tmpnam_r.c: Likewise.

	* sysdeps/unix/sysv/linux/alpha/sys/kernel_termios.h: Protect
	against multiple inclusion.  Include <termbits.h>.
	* sysdeps/unix/sysv/linux/sys/kernel_termios.h: Likewise.

	* sysdeps/unix/sysv/linux/net/if.h: Update according to recent
	kernel headers.  Patch by Philip Blundell <pjb27@cam.ac.uk>.

Thu Jan 23 17:42:00 1997  Ulrich Drepper  <drepper@cygnus.com>

	* sysdeps/unix/sysv/linux/sparc/clone.S: Correct author attribution.

	* sysdeps/unix/sysv/linux/net/if_arp (MAX_ADDR_LEN): Add definition.

Thu Jan 23 14:20:34 1997  Ulrich Drepper  <drepper@cygnus.com>

	* time/tzfile.c (__tzfile_read): Don't allow arbitrary files to be
	read when running a setuid program.
---
 time/Makefile | 32 ++++++++++++++++----------------
 time/mktime.c |  9 ++++-----
 time/time.h   | 10 +++++-----
 time/tzfile.c | 14 +++++++++++++-
 4 files changed, 38 insertions(+), 27 deletions(-)

(limited to 'time')

diff --git a/time/Makefile b/time/Makefile
index 7f8513cc6a..b994eee1ac 100644
--- a/time/Makefile
+++ b/time/Makefile
@@ -91,22 +91,22 @@ $(tzfiles:%=$(objpfx)z.%): $(objpfx)z.%: % Makefile
 # Kludge alert: we use an implicit rule (in what we are generating here)
 # because that is the only way to tell Make that the one command builds all
 # the files.
-	(echo 'define $*-zones'						;\
-	 awk '$$1 == "Zone" { print $$2 } $$1 == "Link" { print $$3 }' $^;\
-	 echo 'endef'							;\
-	 echo '$*-zones := $$(subst $$(nl), ,$$($*-zones))'		;\
-	 echo 'ifdef $*-zones'						;\
-	 echo '$$(addprefix $$(datadir)/zone%/right/,$$($*-zones)): \'	;\
-	 echo '$< $$(objpfx)zic leapseconds yearistype'			;\
-	 echo '	$$(tzcompile)'						;\
-	 echo '$$(addprefix $$(datadir)/zone%/posix/,$$($*-zones)): \'	;\
-	 echo '$< $$(objpfx)zic /dev/null yearistype'			;\
-	 echo '	$$(tzcompile)'						;\
-	 echo '$$(addprefix $$(datadir)/zone%/,$$($*-zones)): \'	;\
-	 echo '$< $$(objpfx)zic $$(leapseconds) yearistype'		;\
-	 echo '	$$(tzcompile)'						;\
-	 echo 'endif'							;\
-	 echo 'zonenames := $$(zonenames) $$($*-zones)'			;\
+	(echo 'define $*-zones'						    ;\
+	 awk '$$1 == "Zone" { print $$2 } $$1 == "Link" { print $$3 }' $^   ;\
+	 echo 'endef'							    ;\
+	 echo '$*-zones := $$(subst $$(nl), ,$$($*-zones))'		    ;\
+	 echo 'ifdef $*-zones'						    ;\
+	 echo '$$(addprefix $$(inst_datadir)/zone%/right/,$$($*-zones)): \' ;\
+	 echo '$< $$(objpfx)zic leapseconds yearistype'			    ;\
+	 echo '	$$(tzcompile)'						    ;\
+	 echo '$$(addprefix $$(inst_datadir)/zone%/posix/,$$($*-zones)): \' ;\
+	 echo '$< $$(objpfx)zic /dev/null yearistype'			    ;\
+	 echo '	$$(tzcompile)'						    ;\
+	 echo '$$(addprefix $$(inst_datadir)/zone%/,$$($*-zones)): \'	    ;\
+	 echo '$< $$(objpfx)zic $$(leapseconds) yearistype'		    ;\
+	 echo '	$$(tzcompile)'						    ;\
+	 echo 'endif'							    ;\
+	 echo 'zonenames := $$(zonenames) $$($*-zones)'			    ;\
 	) > $@.new
 	mv $@.new $@
 
diff --git a/time/mktime.c b/time/mktime.c
index 223872f228..fd242b1545 100644
--- a/time/mktime.c
+++ b/time/mktime.c
@@ -85,9 +85,6 @@
   ((year) % 4 == 0 && ((year) % 100 != 0 || (year) % 400 == 0))
 #endif
 
-/* Prototype for the internal function to get information based on TZ.  */
-extern void __tzset_internal __P ((int always));
-
 /* How many days come before each month (0-12).  */
 const unsigned short int __mon_yday[2][13] =
   {
@@ -164,8 +161,10 @@ mktime (tp)
      struct tm *tp;
 {
 #ifdef _LIBC
-  /* Update internal database according to current TZ setting.  */
-  __tzset_internal (1);
+  /* POSIX.1 8.1.1 requires that whenever mktime() is called, the
+     time zone names contained in the external variable `tzname' shall
+     be set as if the tzset() function had been called.  */
+  __tzset ();
 #endif
 
   return __mktime_internal (tp, localtime_r, &localtime_offset);
diff --git a/time/time.h b/time/time.h
index d12236fdf2..681b6007d8 100644
--- a/time/time.h
+++ b/time/time.h
@@ -1,4 +1,4 @@
-/* Copyright (C) 1991, 92, 93, 94, 95, 96 Free Software Foundation, Inc.
+/* Copyright (C) 1991, 92, 93, 94, 95, 96, 97 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -171,7 +171,7 @@ extern struct tm *gmtime __P ((__const time_t *__timer));
    of *TIMER in the local timezone.  */
 extern struct tm *localtime __P ((__const time_t *__timer));
 
-#ifdef	__USE_REENTRANT
+#if defined __USE_POSIX || defined __USE_REENTRANT
 /* Return the `struct tm' representation of *TIMER in UTC,
    using *TP to store the result.  */
 extern struct tm *__gmtime_r __P ((__const time_t *__timer,
@@ -185,7 +185,7 @@ extern struct tm *__localtime_r __P ((__const time_t *__timer,
 				      struct tm *__tp));
 extern struct tm *localtime_r __P ((__const time_t *__timer,
 				    struct tm *__tp));
-#endif	/* reentrant */
+#endif	/* POSIX or reentrant */
 
 /* Compute the `struct tm' representation of *T,
    offset OFFSET seconds east of UTC,
@@ -201,7 +201,7 @@ extern char *asctime __P ((__const struct tm *__tp));
 /* Equivalent to `asctime (localtime (timer))'.  */
 extern char *ctime __P ((__const time_t *__timer));
 
-#ifdef	__USE_REENTRANT
+#if defined __USE_POSIX || defined __USE_REENTRANT
 /* Reentrant versions of the above functions.  */
 
 /* Return in BUF a string of the form "Day Mon dd hh:mm:ss yyyy\n"
@@ -211,7 +211,7 @@ extern char *asctime_r __P ((__const struct tm *__tp, char *__buf));
 
 /* Equivalent to `asctime_r (localtime_r (timer, *TMP*), buf)'.  */
 extern char *ctime_r __P ((__const time_t *__timer, char *__buf));
-#endif	/* reentrant */
+#endif	/* POSIX or reentrant */
 
 
 /* Defined in localtime.c.  */
diff --git a/time/tzfile.c b/time/tzfile.c
index 761ddc9539..ed7b0932f3 100644
--- a/time/tzfile.c
+++ b/time/tzfile.c
@@ -21,6 +21,7 @@
 #include <time.h>
 #include <string.h>
 #include <limits.h>
+#include <unistd.h>
 
 #define	NOID
 #include <tzfile.h>
@@ -79,6 +80,7 @@ decode (const void *ptr)
 void
 __tzfile_read (const char *file)
 {
+  static const char default_tzdir[] = TZDIR;
   size_t num_isstd, num_isgmt;
   register FILE *f;
   struct tzhead tzhead;
@@ -111,9 +113,19 @@ __tzfile_read (const char *file)
     /* User specified the empty string; use UTC explicitly.  */
     file = "Universal";
 
+  /* We must not allow to read an arbitrary file in a setuid program.
+     So we fail for any file which is not in the directory hierachy
+     starting at TZDIR.  */
+  if (__libc_enable_secure
+      && ((*file == '/'
+	   && memcmp (file, default_tzdir, sizeof (default_tzdir) - 1) != 0)
+	  || strstr (file, "../") != NULL))
+    /* This test a certainly a bit too restrictive but it should catch all
+       critical case.  */
+    return;
+
   if (*file != '/')
     {
-      static const char default_tzdir[] = TZDIR;
       const char *tzdir;
       unsigned int len, tzdir_len;
       char *new;
-- 
cgit 1.4.1