From: Klaus Jensen <k.jen...@samsung.com>
In nvme_format_ns(), if the namespace is of zero size (which might be
useless, but not invalid), the `count` variable will leak. Fix this by
returning early in that case.
Reported-by: Coverity (CID 1451082)
Fixes: dc04d25e2f3f ("hw/block/nvme: add support for the format nvm command")
Signed-off-by: Klaus Jensen <k.jen...@samsung.com>
---
hw/block/nvme.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/hw/block/nvme.c b/hw/block/nvme.c
index 6842b01ab58b..dad275971a84 100644
--- a/hw/block/nvme.c
+++ b/hw/block/nvme.c
@@ -4984,6 +4984,11 @@ static uint16_t nvme_format_ns(NvmeCtrl *n,
NvmeNamespace *ns, uint8_t lbaf,
ns->status = NVME_FORMAT_IN_PROGRESS;
len = ns->size;
+
+ if (!len) {
+ return NVME_SUCCESS;
+ }
+
offset = 0;
count = g_new(int, 1);
--
2.31.0
