/// Use memdup_user rather than duplicating its implementation /// This is a little bit restricted to reduce false positives /// // Confidence: High // Copyright: (C) 2010-2012 Nicolas Palix. GPLv2. // Copyright: (C) 2010-2012 Julia Lawall, INRIA/LIP6. GPLv2. // Copyright: (C) 2010-2012 Gilles Muller, INRIA/LiP6. GPLv2. // URL: http://coccinelle.lip6.fr/ // Comments: // Options: --no-includes --include-headers virtual patch virtual context virtual org virtual report @depends on patch@ expression from,to,size; identifier l1,l2; @@ - to = \(kmalloc\|kzalloc\)(size,GFP_KERNEL); + to = memdup_user(from,size); if ( - to==NULL + IS_ERR(to) || ...) { <+... when != goto l1; - -ENOMEM + PTR_ERR(to) ...+> } - if (copy_from_user(to, from, size) != 0) { - <+... when != goto l2; - -EFAULT - ...+> - } @r depends on !patch@ expression from,to,size; position p; statement S1,S2; @@ * to = \(kmalloc@p\|kzalloc@p\)(size,GFP_KERNEL); if (to==NULL || ...) S1 if (copy_from_user(to, from, size) != 0) S2 @script:python depends on org@ p << r.p; @@ coccilib.org.print_todo(p[0], "WARNING opportunity for memdup_user") @script:python depends on report@ p << r.p; @@ coccilib.report.print_report(p[0], "WARNING opportunity for memdup_user")
Name | Type | Size | Permission | Actions |
---|---|---|---|---|
alloc | Folder | 0755 |
|
|
debugfs | Folder | 0755 |
|
|
check_bq27xxx_data.cocci | File | 3.42 KB | 0644 |
|
d_find_alias.cocci | File | 1.28 KB | 0644 |
|
drm-get-put.cocci | File | 1.93 KB | 0644 |
|
err_cast.cocci | File | 1.07 KB | 0644 |
|
kstrdup.cocci | File | 2.4 KB | 0644 |
|
memdup.cocci | File | 1.35 KB | 0644 |
|
memdup_user.cocci | File | 1.28 KB | 0644 |
|
platform_no_drv_owner.cocci | File | 3.78 KB | 0644 |
|
pm_runtime.cocci | File | 2.34 KB | 0644 |
|
ptr_ret.cocci | File | 1.77 KB | 0644 |
|
resource_size.cocci | File | 2.07 KB | 0644 |
|
simple_open.cocci | File | 1.21 KB | 0644 |
|
stream_open.cocci | File | 7.6 KB | 0644 |
|
vma_pages.cocci | File | 1.48 KB | 0644 |
|