misc: Use gmtime for conversion to UTC to avoid getenv/setenv
This patch changes how we turn time into UTC. Previously we manipulated the TZ environment variable, but this has issues as the strings that are manipulated could be tainted (see e.g. CERT ENV34-C). Now we simply rely on the built-in gmtime function and avoid touching getenv/setenv all together.
This commit is contained in:
Andreas Hansson
parent
a4a8568bd2
commit
6290f98194
2 changed files with 4 additions and 24 deletions
|
|
@ -150,18 +150,7 @@ sleep(const Time &time)
|
|||
time_t
|
||||
mkutctime(struct tm *time)
|
||||
{
|
||||
time_t ret;
|
||||
char *tz;
|
||||
|
||||
tz = getenv("TZ");
|
||||
setenv("TZ", "", 1);
|
||||
tzset();
|
||||
ret = mktime(time);
|
||||
if (tz)
|
||||
setenv("TZ", tz, 1);
|
||||
else
|
||||
unsetenv("TZ");
|
||||
tzset();
|
||||
return ret;
|
||||
time_t local = mktime(time);
|
||||
return mktime(gmtime(&local));
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -53,17 +53,8 @@ DumbTOD::DumbTOD(const Params *p)
|
|||
: BasicPioDevice(p, 0x08)
|
||||
{
|
||||
struct tm tm = p->time;
|
||||
char *tz;
|
||||
|
||||
tz = getenv("TZ");
|
||||
setenv("TZ", "", 1);
|
||||
tzset();
|
||||
todTime = mktime(&tm);
|
||||
if (tz)
|
||||
setenv("TZ", tz, 1);
|
||||
else
|
||||
unsetenv("TZ");
|
||||
tzset();
|
||||
time_t local = mktime(&tm);
|
||||
todTime = mktime(gmtime(&local));
|
||||
|
||||
DPRINTFN("Real-time clock set to %s\n", asctime(&tm));
|
||||
DPRINTFN("Real-time clock set to %d\n", todTime);
|
||||
|
|
|
|||
Loading…
Reference in a new issue