From 22ed12a0f3266df4714057f9bdf2dfc9577bf80e Mon Sep 17 00:00:00 2001
From: "kaf24@localhost.localdomain" <kaf24@localhost.localdomain>
Date: Sat, 11 Nov 2006 01:23:11 +0000
Subject: [PATCH] [XENSTORED] Fix errno 'leak' in xenstored.

In certain cases, when a client doesn't have enough permissions, the
errno variable is not set in xenstored_core.c before its value is
reported back.  As a result, the client can learn about the errno of
the last failed request to xenstored (which could have come from
another client).  (An unintended information channel! :-)

From: Magnus Carlsson <magnus@galois.com>
Signed-off-by: Keir Fraser <keir@xensource.com>
---
 tools/xenstore/xenstored_core.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/tools/xenstore/xenstored_core.c b/tools/xenstore/xenstored_core.c
index 890f852d73..3f304b0e41 100644
--- a/tools/xenstore/xenstored_core.c
+++ b/tools/xenstore/xenstored_core.c
@@ -575,8 +575,10 @@ struct node *get_node(struct connection *conn,
 	/* If we don't have permission, we don't have node. */
 	if (node) {
 		if ((perm_for_conn(conn, node->perms, node->num_perms) & perm)
-		    != perm)
+		    != perm) {
+			errno = EACCES;
 			node = NULL;
+		}
 	}
 	/* Clean up errno if they weren't supposed to know. */
 	if (!node) 
-- 
2.30.2