/// Use memdup_user rather than duplicating its implementation
/// This is a little bit restricted to reduce false positives
///
// Confidence: High
// Copyright: (C) 2010-2012 Nicolas Palix. GPLv2.
// Copyright: (C) 2010-2012 Julia Lawall, INRIA/LIP6. GPLv2.
// Copyright: (C) 2010-2012 Gilles Muller, INRIA/LiP6. GPLv2.
// URL: http://coccinelle.lip6.fr/
// Comments:
// Options: --no-includes --include-headers
virtual patch
virtual context
virtual org
virtual report
@depends on patch@
expression from,to,size;
identifier l1,l2;
@@
- to = \(kmalloc\|kzalloc\)(size,GFP_KERNEL);
+ to = memdup_user(from,size);
if (
- to==NULL
+ IS_ERR(to)
|| ...) {
<+... when != goto l1;
- -ENOMEM
+ PTR_ERR(to)
...+>
}
- if (copy_from_user(to, from, size) != 0) {
- <+... when != goto l2;
- -EFAULT
- ...+>
- }
@r depends on !patch@
expression from,to,size;
position p;
statement S1,S2;
@@
* to = \(kmalloc@p\|kzalloc@p\)(size,GFP_KERNEL);
if (to==NULL || ...) S1
if (copy_from_user(to, from, size) != 0)
S2
@script:python depends on org@
p << r.p;
@@
coccilib.org.print_todo(p[0], "WARNING opportunity for memdup_user")
@script:python depends on report@
p << r.p;
@@
coccilib.report.print_report(p[0], "WARNING opportunity for memdup_user")
| Name | Type | Size | Permission | Actions |
|---|---|---|---|---|
| alloc | Folder | 0755 |
|
|
| debugfs | Folder | 0755 |
|
|
| check_bq27xxx_data.cocci | File | 3.42 KB | 0644 |
|
| d_find_alias.cocci | File | 1.28 KB | 0644 |
|
| drm-get-put.cocci | File | 1.93 KB | 0644 |
|
| err_cast.cocci | File | 1.07 KB | 0644 |
|
| kstrdup.cocci | File | 2.4 KB | 0644 |
|
| memdup.cocci | File | 1.35 KB | 0644 |
|
| memdup_user.cocci | File | 1.28 KB | 0644 |
|
| platform_no_drv_owner.cocci | File | 3.78 KB | 0644 |
|
| pm_runtime.cocci | File | 2.34 KB | 0644 |
|
| ptr_ret.cocci | File | 1.77 KB | 0644 |
|
| resource_size.cocci | File | 2.07 KB | 0644 |
|
| simple_open.cocci | File | 1.21 KB | 0644 |
|
| stream_open.cocci | File | 7.6 KB | 0644 |
|
| vma_pages.cocci | File | 1.48 KB | 0644 |
|