tzset_basic: only call issetugid(2) if TZ has changed

If we are just going to return without parsing TZ, there is no need
to call issetugid(2) first.  We only need to call issetugid(2) the
first time TZ is checked or when the value of TZ has changed.
Previously, we called issetugid(2) for every call to the functions
described by localtime(3).  OK deraadt@

1 files changed, 8 insertions, 3 deletions

diff --git a/lib/libc/time/localtime.c b/lib/libc/time/localtime.c
index 2e1641183a8..82a3347bd93 100644
--- a/lib/libc/time/localtime.c
+++ b/lib/libc/time/localtime.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: localtime.c,v 1.65 2022/10/03 15:34:39 millert Exp $ */
+/*	$OpenBSD: localtime.c,v 1.66 2024/04/04 02:20:01 millert Exp $ */
 /*
 ** This file is in the public domain, so clarified as of
 ** 1996-06-05 by Arthur David Olson.
@@ -189,7 +189,6 @@ static struct state *	gmtptr;
 #define TZ_STRLEN_MAX 255
 #endif /* !defined TZ_STRLEN_MAX */
 
-static char		lcl_TZname[TZ_STRLEN_MAX + 1];
 static int		lcl_is_set;
 static int		gmt_is_set;
 _THREAD_PRIVATE_MUTEX(lcl);
@@ -1147,9 +1146,11 @@ tzsetwall(void)
 static void
 tzset_basic(void)
 {
+	static char	lcl_TZname[TZ_STRLEN_MAX + 1];
 	const char *	name;
 
-	if (issetugid() || (name = getenv("TZ")) == NULL) {
+	name = getenv("TZ");
+	if (name == NULL) {
 		tzsetwall_basic();
 		return;
 	}
@@ -1160,6 +1161,10 @@ tzset_basic(void)
 	if (lcl_is_set)
 		strlcpy(lcl_TZname, name, sizeof lcl_TZname);
 
+	/* Ignore TZ for setuid/setgid processes. */
+	if (issetugid())
+		name = TZDEFAULT;
+
 	if (lclptr == NULL) {
 		lclptr = calloc(1, sizeof *lclptr);
 		if (lclptr == NULL) {