lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date:   Sat, 29 Aug 2020 15:09:57 +0200 (CEST)
From:   Julia Lawall <julia.lawall@...ia.fr>
To:     Markus Elfring <Markus.Elfring@....de>
cc:     Denis Efremov <efremov@...ux.com>,
        Coccinelle <cocci@...teme.lip6.fr>,
        Michal Marek <michal.lkml@...kovi.net>,
        Kees Cook <keescook@...omium.org>,
        Gilles Muller <Gilles.Muller@...6.fr>,
        Nicolas Palix <nicolas.palix@...g.fr>,
        kernel-janitors@...r.kernel.org,
        "Gustavo A. R. Silva" <gustavoars@...nel.org>,
        linux-kernel@...r.kernel.org
Subject: Re: [Cocci] [RFC PATCH] coccinelle: api: add flex_array_size.cocci
 script



On Sat, 29 Aug 2020, Markus Elfring wrote:

> > Suggest flex_array_size() wrapper to compute the size of a
> > flexible array member in a structure. The macro additionally
> > checks for integer overflows.
>
> Can the following script variant for the semantic patch language help
> to clarify any software development ideas and remaining open issues?

A patch proposal needs to say what it is doing and why.  You haven't
provided either information.

What changes have you made as compared to the original proposal, and why
have you made them?  Removing newlines and adding spaces, as done in
decl_flex, is not something I am interested in.

julia

>
>
> virtual context, patch, report, org
>
> @decl_flex@
> identifier name, array, size;
> type TA, TS;
> @@
>  struct name {
>  ...
>  TS size;
>  ...
> (TA array[];
> |TA array[ \( 0 \| 1 \) ];
> )
>  };
>
> @ptr_flex@
> identifier decl_flex.name, instance;
> @@
>  struct name *instance;
>
> @struct_flex@
> identifier decl_flex.name, instance;
> @@
>  struct name instance;
>
> @ptr_flex_size depends on !patch@
> identifier decl_flex.array, decl_flex.size, ptr_flex.instance;
> type decl_flex.TA;
> position p;
> @@
> *instance->size *@p \( sizeof(TA) \| sizeof(*instance->array) \)
>
> @depends on patch exists@
> identifier decl_flex.array, decl_flex.size, ptr_flex.instance;
> type decl_flex.TA;
> @@
> (
> -sizeof(TA)
> |
> -sizeof(*instance->array)
> )
> - *
> +flex_array_size(instance, array,
>  instance->size
> +)
>
> @struct_flex_size depends on !patch@
> identifier decl_flex.array, decl_flex.size, struct_flex.instance;
> type decl_flex.TA;
> position p;
> @@
> *instance->size *@p \( sizeof(TA) \| sizeof(*instance->array) \)
>
> @depends on patch exists@
> identifier decl_flex.array, decl_flex.size, struct_flex.instance;
> type decl_flex.TA;
> @@
> (
> -sizeof(TA)
> |
> -sizeof(*instance->array)
> )
> - *
> +flex_array_size(instance, array,
>  instance->size
> +)
>
> @func_arg_flex_size depends on !patch@
> identifier decl_flex.name, decl_flex.array, decl_flex.size, func, instance;
> type decl_flex.TA;
> position p;
> @@
>  func(..., struct name *instance, ...) {
>  ... when any
> *instance->size *@p \( sizeof(TA) \| sizeof(*instance->array) \)
>  ...
>  }
>
> @depends on patch exists@
> identifier decl_flex.name, decl_flex.array, decl_flex.size, func, instance;
> type decl_flex.TA;
> @@
>  func(..., struct name *instance, ...) {
>  ... when any
> (
> -sizeof(TA)
> |
> -sizeof(*instance->array)
> )
> - *
> +flex_array_size(instance, array,
>  instance->size
> +)
>  ...
>  }
>
> @script:python depends on report@
> p << ptr_flex_size.p;
> @@
> coccilib.report.print_report(p[0], "WARNING opportunity for flex_array_size")
>
> @script:python depends on org@
> p << ptr_flex_size.p;
> @@
> coccilib.org.print_todo(p[0], "WARNING opportunity for flex_array_size")
>
> @script:python depends on report@
> p << struct_flex_size.p;
> @@
> coccilib.report.print_report(p[0], "WARNING opportunity for flex_array_size")
>
> @script:python depends on org@
> p << struct_flex_size.p;
> @@
> coccilib.org.print_todo(p[0], "WARNING opportunity for flex_array_size")
>
> @script:python depends on report@
> p << func_arg_flex_size.p;
> @@
> coccilib.report.print_report(p[0], "WARNING opportunity for flex_array_size")
>
> @script:python depends on org@
> p << func_arg_flex_size.p;
> @@
> coccilib.org.print_todo(p[0], "WARNING opportunity for flex_array_size")
>
>
> Regards,
> Markus
> _______________________________________________
> Cocci mailing list
> Cocci@...teme.lip6.fr
> https://systeme.lip6.fr/mailman/listinfo/cocci
>

Powered by blists - more mailing lists