File xsa175-0004-libxl-Do-not-trust-frontend-in-libxl__device_nextid.patch of Package xen.7317

References: bsc#979620 CVE-2016-4962 XSA-175

From 31c78e76bdeb450ce0e0b32e9f5b0e284d4b9958 Mon Sep 17 00:00:00 2001
From: Ian Jackson <ian.jackson@eu.citrix.com>
Date: Wed, 4 May 2016 15:30:32 +0100
Subject: [PATCH 04/12] libxl: Do not trust frontend in libxl__device_nextid

When selecting the devid for a new device, we should look in
/libxl/device for existing devices, not in the frontend area.

This is part of XSA-175.

Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
Reviewed-by: Wei Liu <wei.liu2@citrix.com>
---
 tools/libxl/libxl.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

Index: xen-4.4.4-testing/tools/libxl/libxl.c
===================================================================
--- xen-4.4.4-testing.orig/tools/libxl/libxl.c
+++ xen-4.4.4-testing/tools/libxl/libxl.c
@@ -1754,15 +1754,16 @@ out:
 /* common function to get next device id */
 static int libxl__device_nextid(libxl__gc *gc, uint32_t domid, char *device)
 {
-    char *dompath, **l;
+    char *libxl_dom_path, **l;
     unsigned int nb;
     int nextid = -1;
 
-    if (!(dompath = libxl__xs_get_dompath(gc, domid)))
+    if (!(libxl_dom_path = libxl__xs_libxl_path(gc, domid)))
         return nextid;
 
     l = libxl__xs_directory(gc, XBT_NULL,
-                            GCSPRINTF("%s/device/%s", dompath, device), &nb);
+        GCSPRINTF("%s/device/%s", libxl_dom_path, device),
+                            &nb);
     if (l == NULL || nb == 0)
         nextid = 0;
     else