| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 4 Jun 2020 17:20:58 +0200
From: Markus Elfring <Markus.Elfring@....de>
To: Denis Efremov <efremov@...ux.com>,
Gilles Muller <Gilles.Muller@...6.fr>,
Julia Lawall <Julia.Lawall@...6.fr>,
Masahiro Yamada <yamada.masahiro@...ionext.com>,
Michal Marek <michal.lkml@...kovi.net>,
Nicolas Palix <nicolas.palix@...g.fr>,
Coccinelle <cocci@...teme.lip6.fr>
Cc: kernel-janitors@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] coccinelle: api: add kzfree script
> Check for memset() with 0 followed by kfree().
I suggest to simplify the SmPL code a bit like the following.
> +virtual context
> +virtual org
> +virtual report
> +virtual patch
+virtual context, org, report, patch
…
> +@@
> +
> +(
> +* memset(E, 0, ...);
> +|
> +* memset(E, '\0', ...);
> +)
> +* kfree(E)@p;
+@@
+*memset(E, 0, ...);
+*kfree(E)@p;
How does the SmPL asterisk functionality fit to the operation
modes “org” and “report”?
> +@@
> +
> +(
> +- memset(E, 0, ...);
> +|
> +- memset(E, '\0', ...);
> +)
> +- kfree(E);
> ++ kzfree(E);
+@@
+-memset(E, 0, ...);
+-kfree
++kzfree
+ (E);
I got the impression that the specification of a SmPL disjunction
could be omitted because of the technical detail that the isomorphism
“zero_multiple_format” should handle such an use case already.
Would you like to tolerate any extra source code between these function calls?
Regards,
Markus
Powered by blists - more mailing lists