packages/spdk
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
spdk/0028-fixed-use-after-free-detected-by-Coverity.patch
yanshuai01 d67e196ff3 fixed use-after-free detected by Coverity 
(cherry picked from commit 0303ea8c91e1f5685b7854fcffad8674a811a227)
2024-06-12 16:40:05 +08:00

44 lines
1.5 KiB
Diff
Raw Blame History

From 19cfba7624a31bc5790a335158244b29657e9253 Mon Sep 17 00:00:00 2001
From: Marcin Spiewak <marcin.spiewak@intel.com>
Date: Fri, 19 Jan 2024 12:30:41 +0100
Subject: [PATCH] lib/nvme: fixed use-after-free detected by Coverity
If cuse_nvme_ctrlr_update_namespaces(ctrlr_device) fails,
the cuse_nvme_ctrlr_stop(ctrlr_device) function is called. This
function frees ctrl_device, and also clears/frees bit arrays,
so there is no need to jump to clear_and_free label, as these
operations ale already done. Just return with appropriate error
code.
If there is a jump, we will try to access already freed memory
(ctrl_device->index) in line 1213
Change-Id: I4217c3783a22781feabbae9735d44479c5f511d9
Signed-off-by: Marcin Spiewak <marcin.spiewak@intel.com>
Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/21518
Community-CI: Mellanox Build Bot
Reviewed-by: Konrad Sztyber <konrad.sztyber@intel.com>
Reviewed-by: Aleksey Marchuk <alexeymar@nvidia.com>
Tested-by: SPDK CI Jenkins <sys_sgci@intel.com>
---
lib/nvme/nvme_cuse.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/lib/nvme/nvme_cuse.c b/lib/nvme/nvme_cuse.c
index 62d1422..0a78b8e 100644
--- a/lib/nvme/nvme_cuse.c
+++ b/lib/nvme/nvme_cuse.c
@@ -904,8 +904,7 @@ nvme_cuse_start(struct spdk_nvme_ctrlr *ctrlr)
if (cuse_nvme_ctrlr_update_namespaces(ctrlr_device) < 0) {
SPDK_ERRLOG("Cannot start CUSE namespace devices.");
cuse_nvme_ctrlr_stop(ctrlr_device);
- rv = -1;
- goto err3;
+ return -1;
}
return 0;
--
2.27.0
Reference in New Issue View Git Blame Copy Permalink