| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.DEB.2.22.394.2008020907220.2531@hadrien>
Date: Sun, 2 Aug 2020 09:09:04 +0200 (CEST)
From: Julia Lawall <julia.lawall@...ia.fr>
To: Markus Elfring <Markus.Elfring@....de>
cc: Denis Efremov <efremov@...ux.com>,
Coccinelle <cocci@...teme.lip6.fr>,
Gilles Muller <Gilles.Muller@...6.fr>,
Julia Lawall <julia.lawall@...ia.fr>,
Masahiro Yamada <masahiroy@...nel.org>,
Michal Marek <michal.lkml@...kovi.net>,
Nicolas Palix <nicolas.palix@...g.fr>,
linux-kernel@...r.kernel.org, kernel-janitors@...r.kernel.org
Subject: Re: [PATCH v6] coccinelle: api: add kvfree script
On Sun, 2 Aug 2020, Markus Elfring wrote:
> …
> > +++ b/scripts/coccinelle/api/kvfree.cocci
> …
> > +@...ice@
> > +expression E, E1;
> > +position kok, vok;
> > +@@
> > +
> > +(
> …
> > +|
> > + E = \(kmalloc\|kzalloc\|krealloc\|kcalloc\|kmalloc_node\|kzalloc_node\|
> > + kmalloc_array\|kmalloc_array_node\|kcalloc_node\)(...)@kok
> > + ... when != E = E1
> > + when any
> > + if (\(!E\|E == NULL\)) {
> …
>
> Can the SmPL code exclusion specification be incomplete here?
>
> How do you think about to check also if the memory is passed to any function
> (or macro) calls before the shown detection of a null pointer?
It seems both extremely unlikely and not relevant to the question at hand.
Passing E to another function will not change the value of E itself.
Passing &E to another function could change E, but it would be very
unusual to do that, and doesn't seem worth checking for.
julia
Powered by blists - more mailing lists