lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20150225060836.GA12255@waves>
Date:	Wed, 25 Feb 2015 08:08:36 +0200
From:	Aya Mahfouz <mahfouz.saif.elyazal@...il.com>
To:	Joe Perches <joe@...ches.com>
Cc:	Andy Whitcroft <apw@...onical.com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] scripts: checkpatch.pl: add 2 new checks on memset
 calls

On Tue, Feb 24, 2015 at 09:45:43PM -0800, Joe Perches wrote:
> On Wed, 2015-02-25 at 06:59 +0200, Aya Mahfouz wrote:
> > On Tue, Feb 24, 2015 at 08:41:23PM -0800, Joe Perches wrote:
> > > On Wed, 2015-02-25 at 06:35 +0200, Aya Mahfouz wrote:
> > > > On Tue, Feb 24, 2015 at 07:10:52PM -0800, Joe Perches wrote:
> > > > > On Wed, 2015-02-25 at 04:40 +0200, Aya Mahfouz wrote:
> > > > > > This patch adds 2 new checks on memset calls in the file
> > > > > > checkpatch.pl as follows:
> > > []
> > > > ok, I didn't see your suggestion, sorry.
> > > 
> > > No worries.
> > > 
> > > > Can you look at the following
> > > > modification before sending the third patch? I don't use $stat because
> > > > I get false positives with it.
> > > 
> > > Please describe the false positives.
> > > 
> > > 
> > 
> > ok, here are the relevant warnings issued by checkpatch.pl when using
> > $stat for the file drivers/staging/rtl8188eu/os_dep/ioctl_linux.c.
> > The only correct results are lines 95, 830, 1031, 1040, 1908. 
> > 
> > WARNING: Prefer eth_zero_addr() over memset() if the second address is 0x00
> > #95: FILE: drivers/staging/rtl8188eu/os_dep/ioctl_linux.c:95:
> > +	memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
> > 
> > 
> > WARNING: Prefer eth_zero_addr() over memset() if the second address is 0x00
> > #775: FILE: drivers/staging/rtl8188eu/os_dep/ioctl_linux.c:775:
> > +}
> 
> []
> 
> Try this:
> ---
>  scripts/checkpatch.pl | 21 +++++++++++++++++----
>  1 file changed, 17 insertions(+), 4 deletions(-)
> 
> diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
> index d124359..9127c65 100755
> --- a/scripts/checkpatch.pl
> +++ b/scripts/checkpatch.pl
> @@ -4890,10 +4890,11 @@ sub process {
>  			}
>  		}
>  
> -# Check for misused memsets
> +# Check for misused memsets then check for memset(foo, 0x00|0xff, ETH_ALEN)
> +# calls that could be eth_zero_addr(foo)|eth_broadcast_addr(foo)
>  		if ($^V && $^V ge 5.10.0 &&
>  		    defined $stat &&
> -		    $stat =~ /^\+(?:.*?)\bmemset\s*\(\s*$FuncArg\s*,\s*$FuncArg\s*\,\s*$FuncArg\s*\)/s) {
> +		    $stat =~ /^\+(?:\s*$Ident\s*=)?\s*memset\s*\(\s*$FuncArg\s*,\s*$FuncArg\s*\,\s*$FuncArg\s*\)/s) {
>  
>  			my $ms_addr = $2;
>  			my $ms_val = $7;
> @@ -4901,10 +4902,22 @@ sub process {
>  
>  			if ($ms_size =~ /^(0x|)0$/i) {
>  				ERROR("MEMSET",
> -				      "memset to 0's uses 0 as the 2nd argument, not the 3rd\n" . "$here\n$stat\n");
> +				      "memset to 0's uses 0 as the 2nd argument, not the 3rd\n" . "$here\n$line\n");
>  			} elsif ($ms_size =~ /^(0x|)1$/i) {
>  				WARN("MEMSET",
> -				     "single byte memset is suspicious. Swapped 2nd/3rd argument?\n" . "$here\n$stat\n");
> +				     "single byte memset is suspicious. Swapped 2nd/3rd argument?\n" . "$here\n$line\n");
> +			} elsif ($ms_val =~ /^(?:0x)?0+$/i &&
> +				 $ms_size =~ /^ETH_ALEN$/ &&
> +				 WARN("PREFER_ETH_ADDR",
> +				     "Prefer eth_zero_addr() over memset() if the second address is 0\n" . $herecurr) &&
> +				 $fix) {
> +				$fixed[$fixlinenr] =~ s/\bmemset\s*\(\s*\Q$ms_addr\E\s*,\s*\Q$ms_val\E\s*,\s*ETH_ALEN\s*\)/eth_zero_addr($ms_addr)/;
> +			} elsif ($ms_val =~ /^(?:0xff|255)$/i &&
> +				 $ms_size =~ /^ETH_ALEN$/ &&
> +				 WARN("PREFER_ETH_ADDR",
> +				      "Prefer eth_broadcast_addr() over memset() if the second address is 0xff\n" . $herecurr) &&
> +				 $fix) {
> +				$fixed[$fixlinenr] =~ s/\bmemset\s*\(\s*\Q$ms_addr\E\s*,\s*\Q$ms_val\E\s*,\s*ETH_ALEN\s*\)/eth_broadcast_addr($ms_addr)/;
>  			}
>  		}
>  
> 
> 

Yes, this patch works smoothly. I'm not getting the false positives now.
What is the next step?

-- 
Kind Regards,
Aya Saif El-yazal Mahfouz
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ