tzcode: Fix TZ for non-setugid programs

The previous commit had the desired effect for setugid programs, but broke TZ for everyone else. I didn't notice because my test cases swap out /etc/localtime instead of setting TZ, so add a test case that sets TZ. Fixes: b6ea2513f7 ("tzcode: Limit TZ for setugid programs") Reviewed by: cy Differential Revision: https://reviews.freebsd.org/D52108
2026-06-14 19:20:18 -04:00 · 2025-08-22 09:22:17 +02:00 · 2025-08-22 09:22:17 +02:00 · a6b19979bf
commit a6b19979bf
parent 690ae8a202
2 changed files with 48 additions and 24 deletions
--- a/contrib/tzcode/localtime.c
+++ b/contrib/tzcode/localtime.c
@ -535,21 +535,22 @@ tzloadbody(char const *name, struct state *sp, bool doextend,
 	}
 	if (doaccess && access(name, R_OK) != 0)
 	  return errno;
+	fid = _open(name, O_RDONLY | O_BINARY);
 #else /* __FreeBSD__ */
-        if (issetugid()) {
+        {
          const char *relname = name;
          if (strncmp(relname, TZDIR "/", strlen(TZDIR) + 1) == 0)
            relname += strlen(TZDIR) + 1;
          int dd = _open(TZDIR, O_DIRECTORY | O_RDONLY);
          if (dd < 0)
            return errno;
-          fid = _openat(dd, relname, O_RDONLY | O_BINARY, AT_RESOLVE_BENEATH);
+          fid = _openat(dd, relname, O_RDONLY | O_BINARY,
+                        issetugid() ? AT_RESOLVE_BENEATH : 0);
          serrno = errno;
          _close(dd);
          errno = serrno;
-        } else
-#endif
-	fid = _open(name, O_RDONLY | O_BINARY);
+        }
+#endif /* __FreeBSD__ */
 	if (fid < 0)
 	  return errno;

--- a/lib/libc/tests/stdtime/detect_tz_changes_test.c
+++ b/lib/libc/tests/stdtime/detect_tz_changes_test.c
@ -20,6 +20,26 @@

 #include <atf-c.h>

+static const struct tzcase {
+	const char *tzfn;
+	const char *expect;
+} tzcases[] = {
+	/*
+	 * A handful of time zones and the expected result of
+	 * strftime("%z (%Z)", tm) when that time zone is active
+	 * and tm represents a date in the summer of 2025.
+	 */
+	{ "America/Vancouver",	"-0700 (PDT)"	},
+	{ "America/New_York",	"-0400 (EDT)"	},
+	{ "Europe/London",	"+0100 (BST)"	},
+	{ "Europe/Paris",	"+0200 (CEST)"	},
+	{ "Asia/Kolkata",	"+0530 (IST)"	},
+	{ "Asia/Tokyo",		"+0900 (JST)"	},
+	{ "Australia/Canberra",	"+1000 (AEST)"	},
+	{ "UTC",		"+0000 (UTC)"	},
+	{ 0 },
+};
+
 static const time_t then = 1751328000; /* 2025-07-01 00:00:00 UTC */
 static const char *tz_change_interval_sym = "__tz_change_interval";
 static int *tz_change_interval_p;
@ -91,25 +111,6 @@ ATF_TC_HEAD(detect_tz_changes, tc)
 }
 ATF_TC_BODY(detect_tz_changes, tc)
 {
-	static const struct tzcase {
-		const char *tzfn;
-		const char *expect;
-	} tzcases[] = {
-		/*
-		 * A handful of time zones and the expected result of
-		 * strftime("%z (%Z)", tm) when that time zone is active
-		 * and tm represents a date in the summer of 2025.
-		 */
-		{ "America/Vancouver",	"-0700 (PDT)"	},
-		{ "America/New_York",	"-0400 (EDT)"	},
-		{ "Europe/London",	"+0100 (BST)"	},
-		{ "Europe/Paris",	"+0200 (CEST)"	},
-		{ "Asia/Kolkata",	"+0530 (IST)"	},
-		{ "Asia/Tokyo",		"+0900 (JST)"	},
-		{ "Australia/Canberra",	"+1000 (AEST)"	},
-		{ "UTC",		"+0000 (UTC)"	},
-		{ 0 },
-	};
 	char obuf[1024] = "";
 	char ebuf[1024] = "";
 	struct pollfd fds[3];
@ -272,10 +273,32 @@ ATF_TC_BODY(detect_tz_changes, tc)
 	ATF_REQUIRE_EQ(0, WEXITSTATUS(status));
 }

+ATF_TC(tz_env);
+ATF_TC_HEAD(tz_env, tc)
+{
+	atf_tc_set_md_var(tc, "descr", "Test TZ environment variable");
+}
+ATF_TC_BODY(tz_env, tc)
+{
+	char buf[128];
+	const struct tzcase *tzcase = NULL;
+	struct tm *tm;
+	size_t len;
+
+	for (tzcase = tzcases; tzcase->tzfn != NULL; tzcase++) {
+		setenv("TZ", tzcase->tzfn, 1);
+		ATF_REQUIRE((tm = localtime(&then)) != NULL);
+		len = strftime(buf, sizeof(buf), "%z (%Z)", tm);
+		ATF_REQUIRE(len > 0);
+		ATF_REQUIRE_STREQ(tzcase->expect, buf);
+	}
+}
+
 ATF_TP_ADD_TCS(tp)
 {
 	debugging = !getenv("__RUNNING_INSIDE_ATF_RUN") &&
 	    isatty(STDERR_FILENO);
 	ATF_TP_ADD_TC(tp, detect_tz_changes);
+	ATF_TP_ADD_TC(tp, tz_env);
 	return (atf_no_error());
 }