fio NULL Pointer Dereference Vulnerability in Job File Parser
Vulnerability
A NULL pointer dereference vulnerability has been identified in fio (Flexible I/O Tester) version 3.41. The issue arises in the job file parser when the fdp_pli option is specified without an accompanying value. The parser fails to validate the input, leading the callback function str_fdp_pli_cb() to call strdup() with a NULL pointer. This oversight causes a segmentation fault, crashing the process. While this vulnerability does not pose a security risk during normal command-line interface (CLI) usage, it could result in a denial-of-service condition if fio is used as a backend service that processes untrusted job files.
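The bug class described above, as an added C sketch that is not fio's source code: an option callback that duplicates its value unchecked, next to a form that rejects a missing value first. The function names, the comma-separated ID format and the limits are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L /* for strdup() */
#include <stdlib.h>
#include <string.h>

#define MAX_IDS 16    /* constructed limits for this sketch */
#define MAX_ID  65535

/* Parse "1,2,3" into ids[]; returns the count or -1 on malformed input. */
static int split_ids(const char *s, int *ids)
{
    int n = 0;
    while (*s) {
        char *end;
        long v = strtol(s, &end, 10);
        if (end == s || v < 0 || v > MAX_ID || n == MAX_IDS)
            return -1;
        ids[n++] = (int)v;
        if (*end == ',' && end[1] != '\0')
            end++;                 /* step over the separator */
        else if (*end != '\0')
            return -1;             /* trailing comma or stray character */
        s = end;
    }
    return n;
}

/* Pattern the advisory describes: when the option is given with no value the
 * parser hands the callback NULL, and strdup(NULL) dereferences it.
 * Kept for contrast only; never call this with NULL. */
int ids_cb_unchecked(const char *input, int *ids)
{
    char *copy = strdup(input);
    int n = copy ? split_ids(copy, ids) : -1;
    free(copy);
    return n;
}

/* Hardened form: treat a missing or empty value as a parse error. */
int ids_cb_checked(const char *input, int *ids)
{
    if (input == NULL || *input == '\0')
        return -1;
    char *copy = strdup(input);
    if (copy == NULL)
        return -1;                 /* allocation failure */
    int n = split_ids(copy, ids);
    free(copy);
    return n;
}
```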
Impact
Exploitation of this vulnerability leads to a segmentation fault and process crash, causing a denial-of-service condition.
Reproduction
To reproduce this vulnerability, create a job file named crash.fio with the fdp_pli option included but without a value. Then, run fio with this job file. The absence of a value for the fdp_pli option will trigger the NULL pointer dereference, causing fio to crash.
Remediation
Users can upgrade to fio version 3.41 (commit 9387e61b5fcfbce1e4ed29b0cd19890a37ba1766) or later, where this vulnerability has been fixed.
