From: Ian Jackson <ian.jackson@eu.citrix.com>
Date: Wed, 4 May 2016 14:30:32 +0000 (+0100)
Subject: libxl: Do not trust frontend in libxl__device_nextid
X-Git-Tag: archive/raspbian/4.8.0-1+rpi1~1^2~1063
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=f9a7931b0d268ac57f585d67fc11be7c21f0f9da;p=xen.git

libxl: Do not trust frontend in libxl__device_nextid

When selecting the devid for a new device, we should look in
/libxl/device for existing devices, not in the frontend area.

This is part of XSA-175.

Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
Reviewed-by: Wei Liu <wei.liu2@citrix.com>
---

diff --git a/tools/libxl/libxl.c b/tools/libxl/libxl.c
index 306984ba2b..150be0f216 100644
--- a/tools/libxl/libxl.c
+++ b/tools/libxl/libxl.c
@@ -1986,15 +1986,16 @@ out:
 /* common function to get next device id */
 int libxl__device_nextid(libxl__gc *gc, uint32_t domid, char *device)
 {
-    char *dompath, **l;
+    char *libxl_dom_path, **l;
     unsigned int nb;
     int nextid = -1;
 
-    if (!(dompath = libxl__xs_get_dompath(gc, domid)))
+    if (!(libxl_dom_path = libxl__xs_libxl_path(gc, domid)))
         return nextid;
 
     l = libxl__xs_directory(gc, XBT_NULL,
-                            GCSPRINTF("%s/device/%s", dompath, device), &nb);
+        GCSPRINTF("%s/device/%s", libxl_dom_path, device),
+                            &nb);
     if (l == NULL || nb == 0)
         nextid = 0;
     else