| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <5e11f1bacb6430e1331f02e3e0e326a78e5b0d12.camel@perches.com>
Date: Tue, 21 Oct 2025 10:06:52 -0700
From: Joe Perches <joe@...ches.com>
To: Ally Heev <allyheev@...il.com>, Dwaipayan Ray <dwaipayanray1@...il.com>,
Lukas Bulwahn <lukas.bulwahn@...il.com>, Jonathan Corbet <corbet@....net>,
Andy Whitcroft <apw@...onical.com>
Cc: workflows@...r.kernel.org, linux-doc@...r.kernel.org,
linux-kernel@...r.kernel.org, Dan Carpenter <dan.carpenter@...aro.org>,
David Hunter <david.hunter.linux@...il.com>, Shuah Khan
<skhan@...uxfoundation.org>, Viresh Kumar <vireshk@...nel.org>, Nishanth
Menon <nm@...com>, Stephen Boyd <sboyd@...nel.org>, linux-pm
<linux-pm@...r.kernel.org>
Subject: Re: [PATCH] checkpatch: add uninitialized pointer with __free
attribute check
On Tue, 2025-10-21 at 17:00 +0530, Ally Heev wrote:
> uninitialized pointers with __free attribute can cause undefined
> behaviour as the memory allocated to the pointer is freed
> automatically when the pointer goes out of scope.
> add check in checkpatch to detect such issues
Seems sensible. Couple minor points below:
> diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
[]
> @@ -7721,6 +7721,12 @@ sub process {
> ERROR("MISSING_SENTINEL", "missing sentinel in ID array\n" . "$here\n$stat\n");
> }
> }
> +
> +# check for uninitialized pointers with __free attribute
> + if ($line =~ /\s*$Type\s*($Ident)\s+__free\s*\(\s*$Ident\s*\)\s*;/) {
The leading \s* isn't useful, but \b should be used.
Perhaps verify that $Type is a pointer as well
if ($line =~ /\b($Type)\s*($Ident)\s*__free\s*\(\s*$Ident\s*\)\s*;/ &&
$1 =~ /\*\s*$/) {
to avoid things like:
drivers/net/ethernet/microsoft/mana/gdma_main.c: cpumask_var_t cpus __free(free_cpumask_var);
> + WARN("UNINITIALIZED_PTR_WITH_FREE",
> + "pointer '$1' with __free attribute should be initialized\n" . $herecurr);
pointer '$2' etc
And this would not find uses like the below where another definition
is done before a definition with __free on the same line:
crypto/testmgr.c: u8 *ptr, *key __free(kfree);
There are many uses in drivers/opp/ that could be updated where
the initialization is done after the definition like the below:
(I've added the opp maintainers to the cc's)
drivers/opp/core.c-unsigned long dev_pm_opp_get_max_clock_latency(struct device *dev)
drivers/opp/core.c-{
drivers/opp/core.c: struct opp_table *opp_table __free(put_opp_table);
drivers/opp/core.c-
drivers/opp/core.c- opp_table = _find_opp_table(dev);
An aside found while using grep:
There are uses of DEFINE_FREE that seem to have an unnecessary trailing ;
$ git grep -w DEFINE_FREE | grep ';'
drivers/firmware/efi/libstub/efistub.h:DEFINE_FREE(efi_pool, void *, if (_T) efi_bs_call(free_pool, _T));
drivers/fwctl/mlx5/main.c:DEFINE_FREE(mlx5ctl, struct mlx5ctl_dev *, if (_T) fwctl_put(&_T->fwctl));
drivers/pci/msi/msi.c:DEFINE_FREE(free_msi_irqs, struct pci_dev *, if (_T) pci_free_msi_irqs(_T));
drivers/tty/vt/vc_screen.c:DEFINE_FREE(free_page_ptr, void *, if (_T) free_page((unsigned long)_T));
fs/pstore/inode.c:DEFINE_FREE(pstore_private, struct pstore_private *, free_pstore_private(_T));
include/linux/cpumask.h:DEFINE_FREE(free_cpumask_var, struct cpumask *, if (_T) free_cpumask_var(_T));
include/linux/execmem.h:DEFINE_FREE(execmem, void *, if (_T) execmem_free(_T));
include/linux/fwctl.h:DEFINE_FREE(fwctl, struct fwctl_device *, if (_T) fwctl_put(_T));
net/core/dev.h:DEFINE_FREE(netdev_unlock, struct net_device *, if (_T) netdev_unlock(_T));
Powered by blists - more mailing lists