packages/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
qemu/hw-nvme-fix-memory-leak-in-nvme_dsm.patch
Fei Xu 2ddec1532b QEMU update to version 6.2.0-72(master) 
- migration/xbzrle: fix out-of-bounds write with axv512
- migration/xbzrle: use ctz64 to avoid undefined result
- Update bench-code for addressing CI problem
- AVX512 support for xbzrle_encode_buffer
- configure, meson: move AVX tests to meson
- target/i386: KVM: allow fast string operations if host supports them
- target/i386: add FSRM to TCG
- hw/nvme: fix memory leak in nvme_dsm
- aio-posix: fix race between epoll upgrade and aio_set_fd_handler()
- target/i386: Add SGX aex-notify and EDECCSSA support
- hw/usb/imx: Fix out of bounds access in imx_usbphy_read()
- target/i386: Set maximum APIC ID to KVM prior to vCPU creation
- target/i386: Fix sanity check on max APIC ID / X2APIC enablement

Signed-off-by: Fei Xu <xufei30@huawei.com>
2023-05-18 14:19:42 +08:00

41 lines
1.3 KiB
Diff
Raw Blame History

From 2a3757a66aad487b64afb8935015c408fd9fdcbb Mon Sep 17 00:00:00 2001
From: wangmeiyang <wangmeiyang@xfusion.com>
Date: Fri, 28 Apr 2023 12:01:45 +0800
Subject: [PATCH] hw/nvme: fix memory leak in nvme_dsm
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The iocb (and the allocated memory to hold LBA ranges) leaks if reading
the LBA ranges fails.
Fix this by adding a free and an unref of the iocb.
origin commit: https://gitlab.com/qemu-project/qemu/-/commit/4b32319cdacd99be983e1a74128289ef52c5964e
Signed-off-by: Meiyang Wang <wangmeiyang@xfusion.com>
Reported-by: Coverity (CID 1508281)
Fixes: d7d1474fd85d ("hw/nvme: reimplement dsm to allow cancellation")
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
---
hw/nvme/ctrl.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/hw/nvme/ctrl.c b/hw/nvme/ctrl.c
index 40fbda3b03..5f1515828b 100644
--- a/hw/nvme/ctrl.c
+++ b/hw/nvme/ctrl.c
@@ -2381,6 +2381,9 @@ static uint16_t nvme_dsm(NvmeCtrl *n, NvmeRequest *req)
status = nvme_h2c(n, (uint8_t *)iocb->range, sizeof(NvmeDsmRange) * nr,
req);
if (status) {
+ g_free(iocb->range);
+ qemu_aio_unref(iocb);
+
return status;
}
--
2.27.0
Reference in New Issue View Git Blame Copy Permalink