Fix CVE-2017-11334:

https://bugzilla.redhat.com/show_bug.cgi?id=1471638
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11334

Patch copied from upstream source repository:

http://git.qemu.org/?p=qemu.git;a=commitdiff;h=04bf2526ce87f21b32c9acba1c5518708c243ad0

From 04bf2526ce87f21b32c9acba1c5518708c243ad0 Mon Sep 17 00:00:00 2001
From: Prasad J Pandit <pjp@fedoraproject.org>
Date: Wed, 12 Jul 2017 18:08:40 +0530
Subject: [PATCH] exec: use qemu_ram_ptr_length to access guest ram

When accessing guest's ram block during DMA operation, use
'qemu_ram_ptr_length' to get ram block pointer. It ensures
that DMA operation of given length is possible; And avoids
any OOB memory access situations.

Reported-by: Alex <broscutamaker@gmail.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <20170712123840.29328-1-ppandit@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
 exec.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/exec.c b/exec.c
index a083ff89ad..ad103ce483 100644
--- a/exec.c
+++ b/exec.c
@@ -2929,7 +2929,7 @@ static MemTxResult address_space_write_continue(AddressSpace *as, hwaddr addr,
             }
         } else {
             /* RAM case */
-            ptr = qemu_map_ram_ptr(mr->ram_block, addr1);
+            ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l);
             memcpy(ptr, buf, l);
             invalidate_and_set_dirty(mr, addr1, l);
         }
@@ -3020,7 +3020,7 @@ MemTxResult address_space_read_continue(AddressSpace *as, hwaddr addr,
             }
         } else {
             /* RAM case */
-            ptr = qemu_map_ram_ptr(mr->ram_block, addr1);
+            ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l);
             memcpy(buf, ptr, l);
         }
 
-- 
2.13.3

/option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=51b36ab71f1e5051fff55ccc4fd1855a927985dd'>root</a>/<a href='/guix/log/po?id=51b36ab71f1e5051fff55ccc4fd1855a927985dd'>po</a>/<a href='/guix/log/po/packages?id=51b36ab71f1e5051fff55ccc4fd1855a927985dd'>packages</a>/<a href='/guix/log/po/packages/hu.po?id=51b36ab71f1e5051fff55ccc4fd1855a927985dd'>hu.po</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/po/packages/hu.po?id=51b36ab71f1e5051fff55ccc4fd1855a927985dd&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2022-05-01 18:07:34 +0200'>2022-05-01</span></td><td><a href='/guix/commit/po/packages/hu.po?id=6b4124cdcc203d47dc40158062afa1497d73d592'>nls: Update translations.</a><span class='msg-avail'>...<span class='msg-tooltip'>po/guix/ja.po: New file.
po/guix/LINGUAS: Add it.
</span></span></td><td>Julien Lepiller</td></tr>
<tr><td><span title='2022-04-02 18:42:36 +0200'>2022-04-02</span></td><td><a href='/guix/commit/po/packages/hu.po?id=8a208df17fe81fbf34f5a86cc52bb0b8e33c7b96'>nls: Update translations.</a><span class='msg-avail'>...<span class='msg-tooltip'>* po/packages/fi.po: New file.
* po/packages/LINGUAS: Add it.
</span></span></td><td>Julien Lepiller</td></tr>
<tr><td><span title='2022-03-01 22:17:18 +0100'>2022-03-01</span></td><td><a href='/guix/commit/po/packages/hu.po?id=8c92d85e06e65c5cdb5f6c75faf8aa33e5a68513'>nls: Update translations.</a><span class='msg-avail'>...<span class='msg-tooltip'>* po/doc/guix-cookbook.uk.po: New file.
* po/doc/local.mk: Add uk cookbook.
* doc/local.mk: Add uk cookbook.
* po/guix/fa.po: New file.
* po/guix/uk.po: New file.
* po/guix/LINGUAS: Add fa and uk.
</span></span></td><td>Julien Lepiller</td></tr>
<tr><td><span title='2022-02-04 18:29:00 +0100'>2022-02-04</span></td><td><a href='/guix/commit/po/packages/hu.po?id=8391a99d089322a39cbacb1e6dc2979d8b2ef7c9'>nls: Update translations.</a><span class='msg-avail'>...<span class='msg-tooltip'>* po/doc/guix-cookbook.pt_BR.po: New file.
* po/doc/local.mk: Add it.
* doc/local.mk: Add pt_BR cookbook.
</span></span></td><td>Julien Lepiller</td></tr>
<tr><td><span title='2022-01-09 11:35:59 +0100'>2022-01-09</span></td><td><a href='/guix/commit/po/packages/hu.po?id=934b0cdfee2078bad42429427e12d6ee2ddb7fec'>nls: Update translations.</a><span class='msg-avail'>...<span class='msg-tooltip'>* po/doc/guix-cookbook.fi.po: New file.
* po/doc/guix-manual.fi.po: New file.
* po/doc/local.mk: Add them.
* doc/local.mk: Add them.
* po/guix/fi.po: New file.
* po/guix/LINGUAS: Add it.
</span></span></td><td>Julien Lepiller</td></tr>
<tr><td><span title='2021-12-04 19:40:52 +0100'>2021-12-04</span></td><td><a href='/guix/commit/po/packages/hu.po?id=7fcb20a8fa242ab53b9bc97ef0b0367c6a399bd4'>nls: Update translations.</a></td><td>Julien Lepiller</td></tr>
<tr><td><span title='2021-11-06 14:06:36 +0100'>2021-11-06</span></td><td><a href='/guix/commit/po/packages/hu.po?id=85430a9ea6f32aaae3e34741e292a01a2de62ee0'>nls: Update translations.</a><span class='msg-avail'>...<span class='msg-tooltip'>* po/doc/guix-cookbook.es.po: New file.
* po/doc/local.mk: Add 'es' cookbook.
* doc/local.mk: Add 'es' cookbook.
</span></span></td><td>Julien Lepiller</td></tr>
<tr><td><span title='2021-10-17 22:10:25 +0200'>2021-10-17</span></td><td><a href='/guix/commit/po/packages/hu.po?id=15c91189cb61c579f4289047c79530cefe75215f'>nls: Update translations.</a></td><td>Julien Lepiller</td></tr>
<tr><td><span title='2021-09-02 04:06:52 +0200'>2021-09-02</span></td><td><a href='/guix/commit/po/packages/hu.po?id=1ff2092a39dc5c7c7cd9b4a0ba4b59f92e738efc'>nls: Update translations.</a><span class='msg-avail'>...<span class='msg-tooltip'>* po/packages/it.po: New file.
* po/packages/LINGUAS: Add `it'.
* po/*/*.po: Update translations.
</span></span></td><td>Julien Lepiller</td></tr>
<tr><td><span title='2021-08-04 14:49:53 +0200'>2021-08-04</span></td><td><a href='/guix/commit/po/packages/hu.po?id=6c10c96fedf707d7be059aeb79bd5c8e2d2fa210'>nls: Update translations.</a><span class='msg-avail'>...<span class='msg-tooltip'>* po/doc/guix-cookbook.ru.po: New file.
* po/doc/guix-cookbook.sk.po: New file.
* po/*/*.po: Update translations.
* doc/local.mk (COOKBOOK_LANGUAGES): Add ru and sk.
(info_TEXINFOS): Add Russian and Slovak cookbooks.
* po/doc/local.mk (DOC_COOKBOOK_PO_FILES): Add Russian and Slovak po
files.
</span></span></td><td>Julien Lepiller</td></tr>

Age	Commit message (Expand)	Author
2022-05-01	nls: Update translations....po/guix/ja.po: New file. po/guix/LINGUAS: Add it.	Julien Lepiller
2022-04-02	nls: Update translations....* po/packages/fi.po: New file. * po/packages/LINGUAS: Add it.	Julien Lepiller
2022-03-01	nls: Update translations....* po/doc/guix-cookbook.uk.po: New file. * po/doc/local.mk: Add uk cookbook. * doc/local.mk: Add uk cookbook. * po/guix/fa.po: New file. * po/guix/uk.po: New file. * po/guix/LINGUAS: Add fa and uk.	Julien Lepiller
2022-02-04	nls: Update translations....* po/doc/guix-cookbook.pt_BR.po: New file. * po/doc/local.mk: Add it. * doc/local.mk: Add pt_BR cookbook.	Julien Lepiller
2022-01-09	nls: Update translations....* po/doc/guix-cookbook.fi.po: New file. * po/doc/guix-manual.fi.po: New file. * po/doc/local.mk: Add them. * doc/local.mk: Add them. * po/guix/fi.po: New file. * po/guix/LINGUAS: Add it.	Julien Lepiller
2021-12-04	nls: Update translations.	Julien Lepiller
2021-11-06	nls: Update translations....* po/doc/guix-cookbook.es.po: New file. * po/doc/local.mk: Add 'es' cookbook. * doc/local.mk: Add 'es' cookbook.	Julien Lepiller
2021-10-17	nls: Update translations.	Julien Lepiller
2021-09-02	nls: Update translations....* po/packages/it.po: New file. * po/packages/LINGUAS: Add `it'. * po//.po: Update translations.	Julien Lepiller
2021-08-04	nls: Update translations....* po/doc/guix-cookbook.ru.po: New file. * po/doc/guix-cookbook.sk.po: New file. * po//.po: Update translations. * doc/local.mk (COOKBOOK_LANGUAGES): Add ru and sk. (info_TEXINFOS): Add Russian and Slovak cookbooks. * po/doc/local.mk (DOC_COOKBOOK_PO_FILES): Add Russian and Slovak po files.	Julien Lepiller