This patchset fixes CVE-2014-7840: invalid migration stream can cause arbitrary qemu memory overwrite. First patch includes the minimal fix for the issue. Follow-up patches on top add extra checking to reduce the chance this kind of bug recurs.
Note: these are already (tentatively-pending review) queued in my tree, so only review/ack is necessary.

Michael S. Tsirkin (4):
  migration: fix parameter validation on ram load
  exec: add wrapper for host pointer access
  cpu: assert host pointer offset within block
  cpu: verify that block->host is set

 include/exec/cpu-all.h |  7 +++++++
 arch_init.c            |  5 +++--
 exec.c                 | 10 +++++-----
 3 files changed, 15 insertions(+), 7 deletions(-)

-- 
MST
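Added example, not part of this series and not QEMU's code: the cover letter describes the bug class (an offset taken from the migration stream used to form a host pointer without validation) and the three checks the follow-up patches add (offset within the block, length within the block, block->host set). The C below shows those checks on a hypothetical RamBlock/StreamRecord model with a constructed two-block table; the names host_from_record, ram_load_record and try_load are assumptions for illustration and do not correspond to functions in the patches.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a RAM block (not QEMU's RAMBlock): a named
 * guest-memory region backed by a host buffer. */
typedef struct {
    const char *idstr;  /* block name carried in the migration stream */
    uint8_t *host;      /* host backing memory, NULL if not set */
    uint64_t length;    /* size of the block in bytes */
} RamBlock;

/* One record as parsed from an untrusted stream: the sender names a block,
 * an offset into it, and the number of payload bytes that follow. */
typedef struct {
    const char *idstr;
    uint64_t offset;
    uint64_t len;
} StreamRecord;

#define NBLOCKS 2
static uint8_t pc_ram[4096];

/* Constructed block table for the example. "vga.vram" deliberately has no
 * host pointer, which a lookup must reject rather than use. */
static RamBlock blocks[NBLOCKS] = {
    { "pc.ram",   pc_ram, sizeof pc_ram },
    { "vga.vram", NULL,   4096 },
};

/* Resolve a stream record to a host pointer, or NULL if the record would
 * touch memory outside the named block. Every bound is derived from the
 * block's own length, and the length check is written as a subtraction so
 * a sender cannot make offset + len wrap around. */
uint8_t *host_from_record(const StreamRecord *r)
{
    for (int i = 0; i < NBLOCKS; i++) {
        RamBlock *b = &blocks[i];
        if (strcmp(b->idstr, r->idstr) != 0) {
            continue;
        }
        if (b->host == NULL) {
            return NULL;                /* block->host not set */
        }
        if (r->offset >= b->length) {
            return NULL;                /* offset starts past the block */
        }
        if (r->len > b->length - r->offset) {
            return NULL;                /* payload would run past the block */
        }
        return b->host + r->offset;
    }
    return NULL;                        /* unknown block name */
}

/* Copy one record's payload into guest RAM. Returns 0 on success, -1 if the
 * record was rejected; on rejection nothing is written. */
int ram_load_record(const StreamRecord *r, const uint8_t *payload)
{
    uint8_t *dst = host_from_record(r);
    if (dst == NULL) {
        return -1;
    }
    memcpy(dst, payload, r->len);
    return 0;
}

/* Helper for the demonstration: builds a record and loads a zero-filled
 * payload. Any accepted record has len <= block length (4096 here), so the
 * payload buffer is always large enough. */
int try_load(const char *idstr, uint64_t offset, uint64_t len)
{
    static const uint8_t payload[4096] = {0};
    StreamRecord r = { idstr, offset, len };
    return ram_load_record(&r, payload);
}

int main(void)
{
    printf("exact fit      : %d\n", try_load("pc.ram", 4000, 96));
    printf("one byte over  : %d\n", try_load("pc.ram", 4000, 97));
    printf("offset at end  : %d\n", try_load("pc.ram", 4096, 0));
    printf("wrapping offset: %d\n", try_load("pc.ram", UINT64_MAX, 1));
    printf("host unset     : %d\n", try_load("vga.vram", 0, 1));
    printf("unknown block  : %d\n", try_load("nosuch", 0, 1));
    return 0;
}
```

The point of the subtraction form (len > length - offset) rather than offset + len > length is that the latter can overflow for a crafted offset and pass; the offset < length test before it guarantees the subtraction cannot underflow.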