From: Ian Jackson Date: Wed, 4 May 2016 15:59:38 +0000 (+0100) Subject: libxl: Do not trust backend in channel list X-Git-Tag: archive/raspbian/4.8.0-1+rpi1~1^2~1037 X-Git-Url: https://dgit.raspbian.org/%22http:/www.example.com/cgi/%22https:/%22bookmarks:/%22man:///%22http:/www.example.com/cgi/%22https:/%22bookmarks:/%22man:/?a=commitdiff_plain;h=4f79473898bad5b311646b3a64e9892cd2993099;p=xen.git libxl: Do not trust backend in channel list Read the name from /libxl/device. Pass the /libxl path to libxl__device_channel_from_xenstore. This removes the final route by which READ_LIBXLDEV might receive a backend path. This is part of XSA-178. Signed-off-by: Ian Jackson Reviewed-by: Wei Liu --- v2: Remove be_path variable which is now no longer used. --- diff --git a/tools/libxl/libxl.c b/tools/libxl/libxl.c index bbe37434f5..9ff08a5ffb 100644 --- a/tools/libxl/libxl.c +++ b/tools/libxl/libxl.c @@ -3959,7 +3959,7 @@ static int libxl__append_channel_list(libxl__gc *gc, libxl_device_channel **channels, int *nchannels) { - char *libxl_dir_path = NULL, *be_path = NULL; + char *libxl_dir_path = NULL; char **dir = NULL; unsigned int n = 0, devid = 0; libxl_device_channel *next = NULL; @@ -3976,10 +3976,7 @@ static int libxl__append_channel_list(libxl__gc *gc, libxl_device_channel *tmp; libxl_path = GCSPRINTF("%s/%s", libxl_dir_path, dir[i]); - be_path = libxl__xs_read(gc, XBT_NULL, - GCSPRINTF("%s/backend", libxl_path)); - if (!be_path) continue; - name = libxl__xs_read(gc, XBT_NULL, GCSPRINTF("%s/name", be_path)); + name = libxl__xs_read(gc, XBT_NULL, GCSPRINTF("%s/name", libxl_path)); /* 'channels' are consoles with names, so ignore all consoles without names */ if (!name) continue; @@ -3991,7 +3988,7 @@ static int libxl__append_channel_list(libxl__gc *gc, } *channels = tmp; next = *channels + *nchannels + devid; - rc = libxl__device_channel_from_xenstore(gc, be_path, next); + rc = libxl__device_channel_from_xenstore(gc, libxl_path, next); if (rc) goto out; next->devid = devid; devid++;