| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 28 Aug 2016 13:34:13 -0700
From: Joe Perches <joe@...ches.com>
To: Julia Lawall <julia.lawall@...6.fr>,
Nicolas Iooss <nicolas.iooss_linux@....org>
Cc: alsa-devel@...a-project.org, Dan Capenter <error27@...il.com>,
Liam Girdwood <lgirdwood@...il.com>,
Mark Brown <broonie@...nel.org>, linux-kernel@...r.kernel.org
Subject: Re: Misuses of ** ? (was Re: [PATCH 1/1] ASoC: Intel: Atom: add a
missing star in a memcpy call)
On Sun, 2016-08-28 at 21:38 +0200, Julia Lawall wrote:
> On Sun, 28 Aug 2016, Nicolas Iooss wrote:
> > On 28/08/16 19:50, Joe Perches wrote:
> > > On Sun, 2016-08-28 at 19:39 +0200, Nicolas Iooss wrote:
> > >> In sst_prepare_and_post_msg(), when a response is received in "block",
> > >> the following code gets executed:
> > >>
> > >> *data = kzalloc(block->size, GFP_KERNEL);
> > >> memcpy(data, (void *) block->data, block->size);
> > >
> > > Yuck, thanks.
> > >
> > > Julia, Dan, could cocci or smatch help find any other
> > > similar misuses here?
[]
> I tried the following semantic patch, that is quite general, and the fixed
> issue was the only report.
>
> @@
> expression x,y,sz;
> identifier f,g;
> @@
>
> * *x = f(sz,...);
> ...
> * g(x,y,sz);
Hi Julia,
This would find exactly the same form, but I think
the question is are there assignments of a **pp
that should have been *pp
Something like:
@@
type P;
P **pp;
@@
* pp = <alloc>\|<copy>\|<access>(..., sizeof(P), ...)
Powered by blists - more mailing lists