Author: Julia Lawall <julia@diku.dk> Use kmemdup when some other buffer is immediately copied into the allocated region. A simplified version of the semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ expression from,to,size,flag; statement S; @@ – to = \(kmalloc\|kzalloc\)(size,flag); + to = kmemdup(from,size,flag); if (to==NULL || …) S – memcpy(to, from, …
Category: Linux
May 15 2010
HID: picolcd: Eliminate use after free
Author: Julia Lawall <julia@diku.dk> The skip label frees resp, which has not been allocated at the point of this goto and then does a break, based on the fact that err is non-zero. This is replaced by a break directly. A simplified version of the semantic match that finds this problem is as follows: (http://coccinelle.lip6.fr/) …
May 15 2010
[SCSI] aacraid: Eliminate use after free
Author: Julia Lawall <julia@diku.dk> The debugging code using the freed structure is moved before the kfree. A simplified version of the semantic match that finds this problem is as follows: (http://coccinelle.lip6.fr/) // @free@ expression E; position p; @@ kfree@p(E) @@ expression free.E, subE
May 15 2010
drivers/char: Eliminate use after free
Author: Julia Lawall <julia@diku.dk> In each case, the first argument to send_control_msg or __send_control_msg, respectively, has either not been successfully allocated or has been freed at the point of the call. In the first case, the first argument, port, is only used to access the portdev and id fields, in order to call __send_control_msg. Thus …
May 14 2010
fs/ocfs2/dlm: Use kstrdup
Author: Julia Lawall <julia@diku.dk> Use kstrdup when the goal of an allocation is to copy a string into the allocated region. The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ expression from,to; expression flag,E1,E2; statement S; @@ – to = kmalloc(strlen(from) + 1,flag); + to = kstrdup(from, flag); … when != \(from …
May 14 2010
security/selinux/ss: Use kstrdup
Author: Julia Lawall <julia@diku.dk> Use kstrdup when the goal of an allocation is to copy a string into the allocated region. The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ expression from,to; expression flag,E1,E2; statement S; @@ – to = kmalloc(strlen(from) + 1,flag); + to = kstrdup(from, flag); … when != \(from …
May 14 2010
powerpc/iseries: Use kstrdup
Author: Julia Lawall <julia@diku.dk> Use kstrdup when the goal of an allocation is to copy a string into the allocated region. The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ expression from,to; expression flag,E1,E2; statement S; @@ – to = kmalloc(strlen(from) + 1,flag); + to = kstrdup(from, flag); … when != \(from …
May 14 2010
powerpc/pseries: Use kstrdup
Author: Julia Lawall <julia@diku.dk> Use kstrdup when the goal of an allocation is to copy a string into the allocated region. The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ expression from,to; expression flag,E1,E2; statement S; @@ – to = kmalloc(strlen(from) + 1,flag); + to = kstrdup(from, flag); … when != \(from …
May 14 2010
drivers/mtd/nand: Use kzalloc
Author: Julia Lawall <julia@diku.dk> Use kzalloc rather than the combination of kmalloc and memset. The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ expression x,size,flags; statement S; @@ -x = kmalloc(size,flags); +x = kzalloc(size,flags); if (x == NULL) S -memset(x, 0, size); // Signed-off-by: Julia Lawall Signed-off-by: David Woodhouse — drivers/mtd/nand/s3c2410.c …
May 14 2010
ceph: Use kzalloc
Author: Julia Lawall <julia@diku.dk> Use kzalloc rather than the combination of kmalloc and memset. The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ expression x,size,flags; statement S; @@ -x = kmalloc(size,flags); +x = kzalloc(size,flags); if (x == NULL) S -memset(x, 0, size); // Signed-off-by: Julia Lawall Signed-off-by: Sage Weil — fs/ceph/mon_client.c …