From nobody Mon Sep  1 06:35:41 2025
X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4cFfJY56DVz66J2N;
	Mon, 01 Sep 2025 06:35:41 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R12" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4cFfJY49dbz3jXx;
	Mon, 01 Sep 2025 06:35:41 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1756708541;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=/FCYP2t00VMLewuphBTvuVbnrIqjv7U4VUpnmErnu5A=;
	b=DxcgWPn6zGkIgKknIEPapIbCEqZ4ZccwQNQGpp2kQUBSXsVYQrhXcRJRILQH6ighEfaTEm
	U/iHQNCXnrl8OKRDGkR3pBCXMP4UHXuYdbCNYAkooIhVwv2sWmykp0S/0KrbnhEwxQpRhW
	QQPSqkytzXHqliFqPW+UmSWWRbEBx1BlzLkFu+IH7kLLhmqot+BhuKUvazFSasfHApSb4p
	vMTNOuR681t06SLL1UzK0QjGwnBTjJxS9aCw5SlZaT/bU7ZQ7zRTxBjDI8Na1hxn+vuQGr
	s6Z2DoufECeSZlEtzDkDlya9Cf34f/CS2T3LShc3eIEvgo8VrI0jRL3aEmislw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1756708541;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=/FCYP2t00VMLewuphBTvuVbnrIqjv7U4VUpnmErnu5A=;
	b=aKNqh+qP883v2Ahdr4Ung65cUVnm/4C5Kvw6EMIq7U5a6x2QKBAXG/B5/FvUdtP8kwimG5
	zCO6odo4R98n/VBni1Q0o8nqhgjqyvGFl957saYBHLxVMdIbLTq10EE7yWfZjs44Eehr7L
	iYXl7wPseGqeLIPLRaeeqi43JfKosSTWBPCCkrVNLXdpHwl0v0C8y3Bh71Tr6kOYgn1UIb
	y9Fhf18R7JQTSDFJ5Q2EyenKhBtAPlNsBqp8laPAJM/8LZTm4tC0/A/dhGca4liRY5LZpv
	IebnjYOcO2qUBSAkcfo/W43g8rVksrp61+UkiD8DMp19PXpZeUnM869VjJOgZA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1756708541; a=rsa-sha256; cv=none;
	b=WCpEph23lHPyLiwFixWff7aLRfdFx5fZfQulSZo62zQOggcuZisgW08Uke+e9YNwFH01B9
	IJNSdzsZh2v8ECL4G+boRfuOfQYZ2Vzegs94Q7sur8VIwdJ50txGChHNuT5rXqcqidcmR7
	r/i+JgKCaVo20iUN035rK5zh97BTbd7rLDAswUEHdt/Kif0klC3jofwg41NUkjp9+akYYT
	Ij/Way2DcAWiXBz/Ip2lKOd4omEeKQJZhychOta4FCIPaKp/vBMuEMDPol5tgETxfKnrqv
	iRt3fyV8AcNuRwBvpUzYGTW7HDtCRnDUWfn+JsOTPz6tDuB4OhQszZ/G8kfAZQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4cFfJY3QJmzntd;
	Mon, 01 Sep 2025 06:35:41 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 5816ZfrQ058065;
	Mon, 1 Sep 2025 06:35:41 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 5816ZfRP058062;
	Mon, 1 Sep 2025 06:35:41 GMT
	(envelope-from git)
Date: Mon, 1 Sep 2025 06:35:41 GMT
Message-Id: <202509010635.5816ZfRP058062@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-main@FreeBSD.org
From: Dag-Erling =?utf-8?Q?Sm=C3=B8rgrav?= <des@FreeBSD.org>
Subject: git: ca89e1535509 - main - tzcode: Don't treat TZDEFAULT
  as tainted
List-Id: Commit messages for the main branch of the src repository <dev-commits-src-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main
List-Help: <mailto:dev-commits-src-main+help@freebsd.org>
List-Post: <mailto:dev-commits-src-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-main+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-main@freebsd.org
Sender: owner-dev-commits-src-main@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: des
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: ca89e15355097e9b57bf4e17a50506e081fe04b3
Auto-Submitted: auto-generated

The branch main has been updated by des:

URL: https://cgit.FreeBSD.org/src/commit/?id=ca89e15355097e9b57bf4e17a50506e081fe04b3

commit ca89e15355097e9b57bf4e17a50506e081fe04b3
Author:     Dag-Erling Smørgrav <des@FreeBSD.org>
AuthorDate: 2025-09-01 06:33:28 +0000
Commit:     Dag-Erling Smørgrav <des@FreeBSD.org>
CommitDate: 2025-09-01 06:33:47 +0000

    tzcode: Don't treat TZDEFAULT as tainted
    
    tzset() calls zoneinit() with the FROMENV flag set unconditionally, so
    if TZ is unset and we use TZDEFAULT instead, we were still treating it
    as if it came from the environment.  Unset the FROMENV flag if name is
    null and we switch to TZDEFAULT, or if, after skipping the optional
    leading colon, we find that name is identical to TZDEFAULT.
    
    This incorporates upstream change d0e0b00f846c ("Avoid unnecessary
    access, stat calls").
    
    Fixes:          b6ea2513f776 ("tzcode: Limit TZ for setugid programs")
    Event:          Oslo Hackathon 202508
    Reviewed by:    philip
    Differential Revision:  https://reviews.freebsd.org/D52240
---
 contrib/tzcode/localtime.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/contrib/tzcode/localtime.c b/contrib/tzcode/localtime.c
index a80d422f2955..15afeeecb6d0 100644
--- a/contrib/tzcode/localtime.c
+++ b/contrib/tzcode/localtime.c
@@ -615,6 +615,7 @@ tzloadbody(char const *name, struct state *sp, char tzloadflags,
 		name = TZDEFAULT;
 		if (! name)
 		  return EINVAL;
+		tzloadflags &= ~TZLOAD_FROMENV;
 	}
 
 	if (name[0] == ':')
@@ -670,11 +671,13 @@ tzloadbody(char const *name, struct state *sp, char tzloadflags,
 	fid = _open(name, (O_RDONLY | O_BINARY | O_CLOEXEC | O_CLOFORK
 			  | O_IGNORE_CTTY | O_NOCTTY));
 #else /* __FreeBSD__ */
+	if ((tzloadflags & TZLOAD_FROMENV) && strcmp(name, TZDEFAULT) == 0)
+          tzloadflags &= ~TZLOAD_FROMENV;
 	relname = name;
 	if (strncmp(relname, TZDIR "/", strlen(TZDIR) + 1) == 0)
 	  relname += strlen(TZDIR) + 1;
 	dd = _open(TZDIR, O_DIRECTORY | O_RDONLY);
-	if (issetugid() && (tzloadflags & TZLOAD_FROMENV)) {
+	if ((tzloadflags & TZLOAD_FROMENV) && issetugid()) {
 	  if (dd < 0)
 	    return errno;
 	  if (fstatat(dd, name, &sb, AT_RESOLVE_BENEATH) < 0) {
@@ -1624,14 +1627,13 @@ zoneinit(struct state *sp, char const *name, char tzloadflags)
 static void
 tzset_unlocked(void)
 {
+  char const *name = getenv("TZ");
 #ifdef __FreeBSD__
-  tzset_unlocked_name(getenv("TZ"));
+  tzset_unlocked_name(name);
 }
 static void
 tzset_unlocked_name(char const *name)
 {
-#else
-  char const *name = getenv("TZ");
 #endif
   struct state *sp = lclptr;
   int lcl = name ? strlen(name) < sizeof lcl_TZname : -1;