From nobody Thu Oct 2 08:20:44 2025 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4ccl9T1whsz69KTy; Thu, 02 Oct 2025 08:20:45 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R12" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4ccl9T0B0Rz4MhV; Thu, 02 Oct 2025 08:20:45 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1759393245; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=g92UVaPKCQ9mC0cJ/yCkWXZK6gmbXQTpIQnnq6h06i8=; b=UOHwmMnUbhbdMGQdOltUw52Y4OQJ104kCqKAiybSOZQQVjHC4QYFSgCix0hxbXyTF/miRG GVzrRmgIKYFr3fyjdjDOnBs1AGgDTvstSa5JhjyxIS3FYfcqezYJQ2pj+ryP9pZqdmPumq 6/p5QOqdTXwud30CP6Rw6ghOxs3OnaIQtubb9pG7pzu3zaY76JZVwFXR/2MlG0B9RIMxtb pctIfUodTuo+pUERA0Hu+moalflZbNWX+VcwqNOiCuN1BkhF3eugAWYxsPCHlQQNktonj5 RoPZEy5ogJiXWAxvm51uvDJwtpm7q2kpiGmz2Ae/27HgbAU1PoFhS9QYVg1W+g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1759393245; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=g92UVaPKCQ9mC0cJ/yCkWXZK6gmbXQTpIQnnq6h06i8=; b=RDqSJ42Uc4K0Mgsmus6mfcHn2+mAcZEXkmTQCKVr5a+ZZQPcXBQT373CUBzhIQ5No9C9WB B9nnZnPcn+GFo3KUaQjC8VJP3PEdu5zs2AFrqNUuWjtjYH1KoG0R2JDIs0CspZ7mVzdE7v qbNTdKbt9TcKc9pKTcYyCe30KRNMZzuj65iw4ubgMvz6Km5K3wDvFEQ3Wod+/xLLu9ZNk3 UK0IprTrmJaCW4xgK9cob543RHd748lP+xV4zOO7RP8FS0/dTt7lgw2LJ9olaKJTsjedtj McCFrA2NkR86ws3XlwlLwz24flLI0A5MXlh5kXRI9GB3JnW+ivCfU3xx11bL4A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1759393245; a=rsa-sha256; cv=none; b=JFQ9P0XMqqlO08L9+Oneud2oeviUOxnpthwTF3gR/DEZrUWoPjl0Mw7yCoUnkY/ng1tHj5 GnFpMoY0rvg7imduKgRsUeGZgvDs+KR9mzj9Yl0Yh+OrtHVO4ropcyh6WtxuyhY0wS/CeI dER+dBQRqUnJY+PaCc0KzzdQoAr5A8u+9UNmUz3OnG0R1lsCna2bcD6BGO1ip34OBRtVDC OvTdcdmhMd2Z0hS6NYOwWsc80QQkXCamE5lgtWnuMqvqkxqhkRNS2Bcuf9e4M3FM+MGZyz mK8M6KnYnqtdFspXR//D8DOGo/xFwNroOZbasbMZI2iYxsGTReID8ldJXVybzg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4ccl9S669zz10Km; Thu, 02 Oct 2025 08:20:44 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 5928KiJD023203; Thu, 2 Oct 2025 08:20:44 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 5928Ki1B023200; Thu, 2 Oct 2025 08:20:44 GMT (envelope-from git) Date: Thu, 2 Oct 2025 08:20:44 GMT Message-Id: <202510020820.5928Ki1B023200@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Dag-Erling =?utf-8?Q?Sm=C3=B8rgrav?= Subject: git: 4048c39cfa6f - stable/15 - tzcode: Fix issues when TZ is an absolute path List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 4048c39cfa6f5db13042bed68f27d0070eaac25e Auto-Submitted: auto-generated The branch stable/15 has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=4048c39cfa6f5db13042bed68f27d0070eaac25e commit 4048c39cfa6f5db13042bed68f27d0070eaac25e Author: Dag-Erling Smørgrav AuthorDate: 2025-09-27 17:07:04 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2025-10-02 08:19:24 +0000 tzcode: Fix issues when TZ is an absolute path * If TZ starts with TZDIR, strip any additional slashes so relname does not end up looking like an absolute path. For instance, TZ=/usr/share/zoneinfo//UTC should result in UTC, not /UTC. * In the setugid case, we were incorrectly passing name rather than relname to fstatat(). * Modify the tz_env and tz_env_setugid test cases to exercise both of these scenarios. * Also add test cases for invalid values of TZ, which I wrote earlier but forgot to include in a5f14e4f9069. Reported by: Paul Eggert MFC after: 3 days Fixes: 967a49a21a27 ("Update tzcode to 2025b") Fixes: a5f14e4f9069 ("tzcode: Use -00 only for invalid time zones") Reviewed by: philip Differential Revision: https://reviews.freebsd.org/D52753 (cherry picked from commit df8bc705eb04aff2f718678fffb9d5d4f5d7c223) tzcode: Really fix issues when TZ is an absolute path This was accidentally left out of the previous commit. Fixes: df8bc705eb04 ("tzcode: Fix issues when TZ is an absolute path") (cherry picked from commit 202b59c35ead5bd2b71331169bdeb4845cb655c1) tzcode: Tweak open flags. Upstream uses a set of flags that reduces to O_RDONLY | O_CLOEXEC when you ignore flags that either don't exist in FreeBSD or have no effect. We were using O_RDONLY | O_BINARY, which reduces to O_RDONLY. Add O_CLOEXEC. Also replace O_RDONLY with the more accurate O_SEARCH when opening TZDIR. MFC after: 3 days Fixes: 967a49a21a27 ("Update tzcode to 2025b") (cherry picked from commit d28e4ce6cb61916b4f6bedcf4205a4da1ae121e1) --- contrib/tzcode/localtime.c | 13 ++-- lib/libc/gen/sysconf.c | 2 +- lib/libc/tests/stdtime/Makefile | 1 + lib/libc/tests/stdtime/detect_tz_changes_test.c | 90 ++++++++++++++++++++++--- 4 files changed, 92 insertions(+), 14 deletions(-) diff --git a/contrib/tzcode/localtime.c b/contrib/tzcode/localtime.c index c98134f7be7c..1668475ea646 100644 --- a/contrib/tzcode/localtime.c +++ b/contrib/tzcode/localtime.c @@ -672,26 +672,29 @@ tzloadbody(char const *name, struct state *sp, char tzloadflags, if ((tzloadflags & TZLOAD_FROMENV) && strcmp(name, TZDEFAULT) == 0) tzloadflags &= ~TZLOAD_FROMENV; relname = name; - if (strncmp(relname, TZDIR "/", strlen(TZDIR) + 1) == 0) + if (strncmp(relname, TZDIR "/", strlen(TZDIR) + 1) == 0) { relname += strlen(TZDIR) + 1; - dd = open(TZDIR, O_DIRECTORY | O_RDONLY); + while (*relname == '/') + relname++; + } + dd = open(TZDIR, O_DIRECTORY | O_SEARCH | O_CLOEXEC); if ((tzloadflags & TZLOAD_FROMENV) && issetugid()) { if (dd < 0) return errno; - if (fstatat(dd, name, &sb, AT_RESOLVE_BENEATH) < 0) { + if (fstatat(dd, relname, &sb, AT_RESOLVE_BENEATH) < 0) { fid = -1; } else if (!S_ISREG(sb.st_mode)) { fid = -1; errno = EINVAL; } else { - fid = openat(dd, relname, O_RDONLY | O_BINARY, AT_RESOLVE_BENEATH); + fid = openat(dd, relname, O_RDONLY | O_CLOEXEC | O_RESOLVE_BENEATH); } } else { if (dd < 0) { relname = name; dd = AT_FDCWD; } - fid = openat(dd, relname, O_RDONLY | O_BINARY, 0); + fid = openat(dd, relname, O_RDONLY | O_CLOEXEC); } if (dd != AT_FDCWD && dd >= 0) { serrno = errno; diff --git a/lib/libc/gen/sysconf.c b/lib/libc/gen/sysconf.c index 66562d0e29f0..b5b732eed05d 100644 --- a/lib/libc/gen/sysconf.c +++ b/lib/libc/gen/sysconf.c @@ -51,7 +51,7 @@ #include "un-namespace.h" #include "../stdlib/atexit.h" -#include "tzdir.h" /* from ../../../contrib/tzcode/stdtime */ +#include "tzdir.h" /* from ../../../contrib/tzcode */ #include "libc_private.h" #define _PATH_ZONEINFO TZDIR /* from tzfile.h */ diff --git a/lib/libc/tests/stdtime/Makefile b/lib/libc/tests/stdtime/Makefile index 6b9068e1641b..590dea22da31 100644 --- a/lib/libc/tests/stdtime/Makefile +++ b/lib/libc/tests/stdtime/Makefile @@ -3,6 +3,7 @@ ATF_TESTS_C+= strptime_test ATF_TESTS_C+= detect_tz_changes_test +CFLAGS.detect_tz_changes_test+= -I${SRCTOP}/contrib/tzcode .if ${MK_DETECT_TZ_CHANGES} != "no" CFLAGS.detect_tz_changes_test+= -DDETECT_TZ_CHANGES .endif diff --git a/lib/libc/tests/stdtime/detect_tz_changes_test.c b/lib/libc/tests/stdtime/detect_tz_changes_test.c index 6648d8498cc5..fe6b04357331 100644 --- a/lib/libc/tests/stdtime/detect_tz_changes_test.c +++ b/lib/libc/tests/stdtime/detect_tz_changes_test.c @@ -20,6 +20,8 @@ #include #include +#include "tzdir.h" + #include static const struct tzcase { @@ -62,9 +64,9 @@ debug(const char *fmt, ...) static void change_tz(const char *tzn) { - static const char *zfn = "/usr/share/zoneinfo"; - static const char *tfn = "root/etc/.localtime"; - static const char *dfn = "root/etc/localtime"; + static const char *zfn = TZDIR; + static const char *tfn = "root" TZDEFAULT ".tmp"; + static const char *dfn = "root" TZDEFAULT; ssize_t clen; int zfd, sfd, dfd; @@ -96,6 +98,50 @@ test_tz(const char *expect) ATF_CHECK_STREQ(expect, buf); } +ATF_TC(tz_default); +ATF_TC_HEAD(tz_default, tc) +{ + atf_tc_set_md_var(tc, "descr", "Test default zone"); + atf_tc_set_md_var(tc, "require.user", "root"); +} +ATF_TC_BODY(tz_default, tc) +{ + /* prepare chroot with no /etc/localtime */ + ATF_REQUIRE_EQ(0, mkdir("root", 0755)); + ATF_REQUIRE_EQ(0, mkdir("root/etc", 0755)); + /* enter chroot */ + ATF_REQUIRE_EQ(0, chroot("root")); + ATF_REQUIRE_EQ(0, chdir("/")); + /* check timezone */ + unsetenv("TZ"); + test_tz("+0000 (UTC)"); +} + +ATF_TC(tz_invalid_file); +ATF_TC_HEAD(tz_invalid_file, tc) +{ + atf_tc_set_md_var(tc, "descr", "Test invalid zone file"); + atf_tc_set_md_var(tc, "require.user", "root"); +} +ATF_TC_BODY(tz_invalid_file, tc) +{ + static const char *dfn = "root/etc/localtime"; + int fd; + + /* prepare chroot with bogus /etc/localtime */ + ATF_REQUIRE_EQ(0, mkdir("root", 0755)); + ATF_REQUIRE_EQ(0, mkdir("root/etc", 0755)); + ATF_REQUIRE((fd = open(dfn, O_RDWR | O_CREAT, 0644)) >= 0); + ATF_REQUIRE_EQ(8, write(fd, "invalid\n", 8)); + ATF_REQUIRE_EQ(0, close(fd)); + /* enter chroot */ + ATF_REQUIRE_EQ(0, chroot("root")); + ATF_REQUIRE_EQ(0, chdir("/")); + /* check timezone */ + unsetenv("TZ"); + test_tz("+0000 (-00)"); +} + ATF_TC(thin_jail); ATF_TC_HEAD(thin_jail, tc) { @@ -327,10 +373,38 @@ ATF_TC_HEAD(tz_env, tc) } ATF_TC_BODY(tz_env, tc) { - const struct tzcase *tzcase; + char path[MAXPATHLEN]; + const struct tzcase *tzcase = tzcases; + int len; + /* relative path */ for (tzcase = tzcases; tzcase->tzfn != NULL; tzcase++) test_tz_env(tzcase->tzfn, tzcase->expect); + /* absolute path */ + for (tzcase = tzcases; tzcase->tzfn != NULL; tzcase++) { + len = snprintf(path, sizeof(path), "%s/%s", TZDIR, tzcase->tzfn); + ATF_REQUIRE(len > 0 && (size_t)len < sizeof(path)); + test_tz_env(path, tzcase->expect); + } + /* absolute path with additional slashes */ + for (tzcase = tzcases; tzcase->tzfn != NULL; tzcase++) { + len = snprintf(path, sizeof(path), "%s/////%s", TZDIR, tzcase->tzfn); + ATF_REQUIRE(len > 0 && (size_t)len < sizeof(path)); + test_tz_env(path, tzcase->expect); + } +} + + +ATF_TC(tz_invalid_env); +ATF_TC_HEAD(tz_invalid_env, tc) +{ + atf_tc_set_md_var(tc, "descr", "Test invalid TZ value"); + atf_tc_set_md_var(tc, "require.user", "root"); +} +ATF_TC_BODY(tz_invalid_env, tc) +{ + test_tz_env("invalid", "+0000 (-00)"); + test_tz_env(":invalid", "+0000 (-00)"); } ATF_TC(setugid); @@ -367,23 +441,23 @@ ATF_TC_HEAD(tz_env_setugid, tc) } ATF_TC_BODY(tz_env_setugid, tc) { - const struct tzcase *tzcase = tzcases; - ATF_REQUIRE_EQ(0, seteuid(UID_NOBODY)); ATF_REQUIRE(issetugid()); - for (tzcase = tzcases; tzcase->tzfn != NULL; tzcase++) - test_tz_env(tzcase->tzfn, tzcase->expect); + ATF_TC_BODY_NAME(tz_env)(tc); } ATF_TP_ADD_TCS(tp) { debugging = !getenv("__RUNNING_INSIDE_ATF_RUN") && isatty(STDERR_FILENO); + ATF_TP_ADD_TC(tp, tz_default); + ATF_TP_ADD_TC(tp, tz_invalid_file); ATF_TP_ADD_TC(tp, thin_jail); #ifdef DETECT_TZ_CHANGES ATF_TP_ADD_TC(tp, detect_tz_changes); #endif /* DETECT_TZ_CHANGES */ ATF_TP_ADD_TC(tp, tz_env); + ATF_TP_ADD_TC(tp, tz_invalid_env); ATF_TP_ADD_TC(tp, setugid); ATF_TP_ADD_TC(tp, tz_env_setugid); return (atf_no_error());