lib/glibc
1
0
Fork 0
mirror of https://sourceware.org/git/glibc.git synced 2025-08-07 06:43:00 +03:00
Code Activity

update from main archive 970122

Browse Source 
1997-01-23  Paul Eggert  <eggert@twinsun.com>

	* mktime.c (mktime): Invoke __tzset, not __tzset_internal, to set tz,
	so that tzname is set as POSIX requires.

Fri Jan 24 02:49:18 1997  Ulrich Drepper  <drepper@cygnus.com>

	* dirent/dirent.h: Declare readdir_r also when __USE_POSIX.
	* grp/grp.h: Declare *_r functions also when __USE_POSIX.
	* pwd/pwd.h: Likewise.
	* time/time.h: Likewise.
	* posix/unistd.h: Declare ttyname_r also when __USE_POSIX.
	* string/string.h: Declare strtok_r also when __USE_POSIX.

	* stdio-common/bug7.c: Use tmpnam to generate names for test files.

	* stdio-common/tmpnam.c: Update copyright.
	* stdio-common/tmpnam_r.c: Likewise.

	* sysdeps/unix/sysv/linux/alpha/sys/kernel_termios.h: Protect
	against multiple inclusion.  Include <termbits.h>.
	* sysdeps/unix/sysv/linux/sys/kernel_termios.h: Likewise.

	* sysdeps/unix/sysv/linux/net/if.h: Update according to recent
	kernel headers.  Patch by Philip Blundell <pjb27@cam.ac.uk>.

Thu Jan 23 17:42:00 1997  Ulrich Drepper  <drepper@cygnus.com>

	* sysdeps/unix/sysv/linux/sparc/clone.S: Correct author attribution.

	* sysdeps/unix/sysv/linux/net/if_arp (MAX_ADDR_LEN): Add definition.

Thu Jan 23 14:20:34 1997  Ulrich Drepper  <drepper@cygnus.com>

	* time/tzfile.c (__tzfile_read): Don't allow arbitrary files to be
	read when running a setuid program.
This commit is contained in:
Ulrich Drepper
1997-01-24 02:23:54 +00:00
parent 8d57beeab1
commit 9d187dd4ad
21 changed files with 200 additions and 108 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
time/tzfile.c
View File

@@ -21,6 +21,7 @@
#include <time.h>
#include <string.h>
#include <limits.h>
#include <unistd.h>
#define NOID
#include <tzfile.h>
@@ -79,6 +80,7 @@ decode (const void *ptr)
void
__tzfile_read (const char *file)
{
static const char default_tzdir[] = TZDIR;
size_t num_isstd, num_isgmt;
register FILE *f;
struct tzhead tzhead;
@@ -111,9 +113,19 @@ __tzfile_read (const char *file)
/* User specified the empty string; use UTC explicitly. */
file = "Universal";
/* We must not allow to read an arbitrary file in a setuid program.
So we fail for any file which is not in the directory hierachy
starting at TZDIR. */
if (__libc_enable_secure
&& ((*file == '/'
&& memcmp (file, default_tzdir, sizeof (default_tzdir) - 1) != 0)
|| strstr (file, "../") != NULL))
/* This test a certainly a bit too restrictive but it should catch all
critical case. */
return;
if (*file != '/')
{
static const char default_tzdir[] = TZDIR;
const char *tzdir;
unsigned int len, tzdir_len;
char *new;