virt-aa-helper should require <uuid> in XML

When <uuid> is not in the XML, a virUUIDGenerate() ends up being called which
is unnecessary and can lead to crashes if /dev/urandom isn't available
because virRandomInitialize() is not called within virt-aa-helper. This patch
adds verify_xpath_context() and updates caps_mockup() to use it.

Bug-Ubuntu: https://launchpad.net/bugs/672943

diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index 0b56178a9b2fab636036765c019beaf72257dddd..5708cd82f9bb2df32cdc99813fa0d9c9c4f3b94d 100644 (file)
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -605,6 +605,37 @@ catchXMLError (void *ctx, const char *msg ATTRIBUTE_UNUSED, ...)
     }
 }
 
+static int
+verify_xpath_context(xmlXPathContextPtr ctxt)
+{
+    int rc = -1;
+    char *tmp = NULL;
+
+    if (!ctxt) {
+        vah_warning("Invalid context");
+        goto error;
+    }
+
+    /* check if have <name> */
+    if (!(tmp = virXPathString("string(./name[1])", ctxt))) {
+        vah_warning("Could not find <name>");
+        goto error;
+    }
+    VIR_FREE(tmp);
+
+    /* check if have <uuid> */
+    if (!(tmp = virXPathString("string(./uuid[1])", ctxt))) {
+        vah_warning("Could not find <uuid>");
+        goto error;
+    }
+    VIR_FREE(tmp);
+
+    rc = 0;
+
+  error:
+    return rc;
+}
+
 /*
  * Parse the xml we received to fill in the following:
  * ctl->hvm
@@ -653,6 +684,10 @@ caps_mockup(vahControl * ctl, const char *xmlStr)
     }
     ctxt->node = root;
 
+    /* Quick sanity check for some required elements */
+    if (verify_xpath_context(ctxt) != 0)
+        goto cleanup;
+
     ctl->hvm = virXPathString("string(./os/type[1])", ctxt);
     if (!ctl->hvm || STRNEQ(ctl->hvm, "hvm")) {
         vah_error(ctl, 0, "os.type is not 'hvm'");