Commit 339e1517 authored Jun 25, 2025 by Yalong Wang Committed by Konrad Sztyber Jun 26, 2025

app/fio: fix heap-use-after-free when qpair alloc failed.



fio_qpair should only be free by spdk_fio_cleanup,
when spdk_fio_open qpair alloc failed.
Otherwish heap-use-after-free occur.

Change-Id: I0d45c2ad6b8c3dfbbb1ddeff4ba0ac44a5f33ec8
Signed-off-by: Yalong Wang <yalong9@staff.sina.com.cn>
Reviewed-on: https://review.spdk.io/c/spdk/spdk/+/26137


Tested-by: SPDK Automated Test System <spdkbot@gmail.com>
Reviewed-by: Aleksey Marchuk <alexeymar@nvidia.com>
Reviewed-by: Konrad Sztyber <ksztyber@nvidia.com>
Reviewed-by: Changpeng Liu <changpeliu@tencent.com>
Reviewed-by: Ankit Kumar <ankit.kumar@samsung.com>
Community-CI: Mellanox Build Bot
Reviewed-by: GangCao <gang.cao@intel.com>

parent 555c9621

app/fio/nvme/fio_plugin.c

+0 −1

Original line number	Diff line number	Diff line
		@@ -769,7 +769,6 @@ spdk_fio_open(struct thread_data td, struct fio_file f)
		if (!fio_qpair->qpair) {
		SPDK_ERRLOG("Cannot allocate nvme io_qpair any more\n");
		g_error = true;
		free(fio_qpair);
		return -1;
		}