Message ID | 20250105055750.1668721-38-eggert@cs.ucla.edu (mailing list archive) |
---|---|
State | New |
Headers |
Return-Path: <libc-alpha-bounces~patchwork=sourceware.org@sourceware.org> X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id D63843858D3C for <patchwork@sourceware.org>; Sun, 5 Jan 2025 06:28:42 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org D63843858D3C Authentication-Results: sourceware.org; dkim=pass (2048-bit key, unprotected) header.d=cs.ucla.edu header.i=@cs.ucla.edu header.a=rsa-sha256 header.s=9D0B346E-2AEB-11ED-9476-E14B719DCE6C header.b=AQLitVm5 X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail.cs.ucla.edu (mail.cs.ucla.edu [131.179.128.66]) by sourceware.org (Postfix) with ESMTPS id 56D43385841E for <libc-alpha@sourceware.org>; Sun, 5 Jan 2025 05:59:50 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 56D43385841E Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=cs.ucla.edu Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=cs.ucla.edu ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 56D43385841E Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=131.179.128.66 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1736056790; cv=none; b=O4c56wGwUvHuVszR7zfODy7loxjlTFjUCKIqKmDPJvPAQGyCJvKH3Wf+LYIIqdH2DZMG0bvefu9f+YVmpPCrnN6hlrA9iyef/uwCxTMJfz+54EByjyNox/rd5wQLotJP042OlttMo26ddZb7kKUbcxqM2RzZBGtfyP/8ttgZlZY= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1736056790; c=relaxed/simple; bh=l+ztc6Twnxh2Nobh2N2cKl2nih9DDKgAFbJLULEfNUU=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=ZvnLM/fuWKUbGsIu9VnCJyEWzgMQxHqrfQqXTnVxSVuT0FzHF9ELS/Z7IE+IUjNhRt3W004Eproovey7upIvC0DM4ihqoHt6o9Pv3FfiCyf8pKw7cqorksmXmvFlaTLyHmViQCAyUEpHLAQKiWs5ci0K5rq0cKxDICIePbGoSeI= ARC-Authentication-Results: i=1; server2.sourceware.org DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 56D43385841E Received: from localhost (localhost [127.0.0.1]) by mail.cs.ucla.edu (Postfix) with ESMTP id D04E63C123847 for <libc-alpha@sourceware.org>; Sat, 4 Jan 2025 21:59:49 -0800 (PST) Received: from mail.cs.ucla.edu ([127.0.0.1]) by localhost (mail.cs.ucla.edu [127.0.0.1]) (amavis, port 10032) with ESMTP id Vyr2Ln9MRCyx; Sat, 4 Jan 2025 21:59:49 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail.cs.ucla.edu (Postfix) with ESMTP id 94FC93C123845; Sat, 4 Jan 2025 21:59:49 -0800 (PST) DKIM-Filter: OpenDKIM Filter v2.10.3 mail.cs.ucla.edu 94FC93C123845 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.ucla.edu; s=9D0B346E-2AEB-11ED-9476-E14B719DCE6C; t=1736056789; bh=2Czm5/9ZgJc/480euiNE2l0CK7+Zyn/EvuPFHL9a/2s=; h=From:To:Date:Message-ID:MIME-Version; b=AQLitVm5PqfmXYaOi9DgBV2nIVXYxme2uGv+MjWqhh+XfhzpqvgfLAuSgB9Kd/Kea 5KbD17R/3Y6CSAAqvBAwaik18Wu5W6ofPG8cXzBa6Y9Q1w9U7tcNIdwuniD8zw6/GW yuT6W4gvlpZZn5cPNvByh4JLJSZea7h+XcHY5DPvkKGKBO56MMz0pBBELu5xNbXu6h uWVoH1l1lpugdqFF1ENWpV1yy9DOt+OOO9GwkDLoEZ5lHMuabssgCytrJqxcYJretL lvBXJ67Xz0IszjQ0dBGgTxcasd4z3ygePJhpD7vfthol/mFKMTGYZQWppZ+wlPWpbm MEsx/CnQY9eWw== X-Virus-Scanned: amavis at mail.cs.ucla.edu Received: from mail.cs.ucla.edu ([127.0.0.1]) by localhost (mail.cs.ucla.edu [127.0.0.1]) (amavis, port 10026) with ESMTP id n76qEIuSJmv2; Sat, 4 Jan 2025 21:59:49 -0800 (PST) Received: from wing.home (unknown [47.154.28.214]) by mail.cs.ucla.edu (Postfix) with ESMTPSA id 7E72E3C082EB9; Sat, 4 Jan 2025 21:59:49 -0800 (PST) From: Paul Eggert <eggert@cs.ucla.edu> To: libc-alpha@sourceware.org Cc: Paul Eggert <eggert@cs.ucla.edu> Subject: [PATCH 37/59] Tighten setuid TZif file name check Date: Sat, 4 Jan 2025 21:57:12 -0800 Message-ID: <20250105055750.1668721-38-eggert@cs.ucla.edu> X-Mailer: git-send-email 2.45.2 In-Reply-To: <01207110-bd60-46ae-9c08-fb39c2011067@cs.ucla.edu> References: <01207110-bd60-46ae-9c08-fb39c2011067@cs.ucla.edu> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-10.5 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, GIT_PATCH_0, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org> List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>, <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe> List-Archive: <https://sourceware.org/pipermail/libc-alpha/> List-Post: <mailto:libc-alpha@sourceware.org> List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help> List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>, <mailto:libc-alpha-request@sourceware.org?subject=subscribe> Errors-To: libc-alpha-bounces~patchwork=sourceware.org@sourceware.org |
Series |
time: sync mktime from Gnulib
|
|
Checks
Context | Check | Description |
---|---|---|
redhat-pt-bot/TryBot-apply_patch | success | Patch applied to master at the time it was sent |
Commit Message
Paul Eggert
Jan. 5, 2025, 5:57 a.m. UTC
* time/tzfile.c (__tzfile_read): In a setuid program, reject TZ settings like "/usr/share/zoneinfobad/Foo" which have a prefix "/usr/share/zoneinfo" but do not refer to /usr/share/zoneinfo/*. --- time/tzfile.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/time/tzfile.c b/time/tzfile.c index 678ecdd58b..8efe5b2ec9 100644 --- a/time/tzfile.c +++ b/time/tzfile.c @@ -140,7 +140,7 @@ decode64 (const void *ptr) bool __tzfile_read (const char *file) { - static const char default_tzdir[] = TZDIR; + static const char default_tzdir[] = TZDIR "/"; tzidx isstdcnt, isutcnt; FILE *f; union { struct tzhead tzhead; tzidx tzidx_aligned; } u; @@ -178,6 +178,7 @@ __tzfile_read (const char *file) tzdir = default_tzdir; size_t tzdirlen = strlen (tzdir); + tzdirlen -= tzdir[tzdirlen - 1] == '/'; size_t filelen = strlen (file); new = malloc (tzdirlen + 1 + filelen + 1); if (new == NULL)