lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 9 Jan 2020 13:14:45 +0100
From:   Markus Elfring <Markus.Elfring@....de>
To:     Julia Lawall <julia.lawall@...ia.fr>,
        Wen Yang <wenyang@...ux.alibaba.com>, cocci@...teme.lip6.fr
Cc:     kernel-janitors@...r.kernel.org, linux-kernel@...r.kernel.org,
        Gilles Muller <Gilles.Muller@...6.fr>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Masahiro Yamada <yamada.masahiro@...ionext.com>,
        Matthias Männich <maennich@...gle.com>,
        Michal Marek <michal.lkml@...kovi.net>,
        Nicolas Palix <nicolas.palix@...g.fr>,
        Thomas Gleixner <tglx@...utronix.de>
Subject: Re: [v2] coccinelle: semantic patch to check for inappropriate
 do_div() calls

>> Does the Coccinelle software ensure that a variable like “r.ul” contains
>> really useful data even if the expected branch of the SmPL disjunction
>> was occasionally not matched?
>
> The python code will only be executed if it does.

The Python scripts will be executed if the SmPL rule “r” found something.
I suggest to take a closer look at the involved data types for
really safe case distinctions.
Does the dependency management around the application of SmPL disjunctions
need any further clarification?

Regards,
Markus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ