Author: Julia Lawall <julia@diku.dk> Taking sizeof the result of sizeof is quite strange and does not seem to be what is wanted here. This was fixed using the following semantic patch. (http://www.emn.fr/x-info/coccinelle/) // @@ expression E; @@ – sizeof ( sizeof (E) – ) // Signed-off-by: Julia Lawall Signed-off-by: Jeff Garzik — drivers/net/r6040.c | 2 …
Catégorie : Linux
Jun 13 2008
drivers/isdn/sc/ioctl.c: add missing kfree
Author: Julia Lawall <julia@diku.dk> spid has been allocated in this function and so should be freed before leaving it, as in the other error handling cases. The semantic match that finds the problem is as follows: (http://www.emn.fr/x-info/coccinelle/) @r exists@ expression E,E1; statement S; position p1,p2,p3; @@ E =@p1 \(kmalloc\|kcalloc\|kzalloc\)(…) … when != E = E1 …
Jun 10 2008
[S390] tape_3590.c: introduce missing kfree
Author: Julia Lawall <julia@diku.dk> The semantic match that finds the problem is as follows: (http://www.emn.fr/x-info/coccinelle/) @r exists@ expression E,E1; statement S; position p1,p2,p3; @@ E =@p1 \(kmalloc\|kcalloc\|kzalloc\)(…) … when != E = E1 if (E == NULL || …) S … when != E = E1 if@p2 (…) { … when != kfree(E) } … …
Jun 09 2008
[POWERPC] Add missing of_node_put in drivers/macintosh/therm_adt746x.c
Author: Julia Lawall <julia@diku.dk> of_node_put is needed before discarding a value received from of_find_node_by_name, eg in error handling code. The semantic patch that makes the change is as follows: (http://www.emn.fr/x-info/coccinelle/) // @@ struct device_node *n; struct device_node *n1; statement S; identifier f; expression E; constant C; @@ n = of_find_node_by_name(…) … if (!n) S … …
Jun 09 2008
[POWERPC] Add missing of_node_put in drivers/macintosh/smu.c
Author: Julia Lawall <julia@diku.dk> of_node_put is needed before discarding a value received from of_find_node_by_type, eg in error handling code. The semantic patch that makes the change is as follows: (http://www.emn.fr/x-info/coccinelle/) // @@ struct device_node *n; struct device_node *n1; struct device_node *n2; statement S; identifier f1,f2; expression E1,E2; constant C; @@ n = of_find_node_by_type(…) … if …
Jun 09 2008
[POWERPC] Add missing of_node_put in pseries/nvram.c
Author: Julia Lawall <julia@diku.dk> of_node_put is needed before discarding a value received from of_find_node_by_type, eg in error handling code. The semantic patch that makes the change is as follows: (http://www.emn.fr/x-info/coccinelle/) // @@ struct device_node *n; struct device_node *n1; struct device_node *n2; statement S; identifier f1,f2; expression E1,E2; constant C; @@ n = of_find_node_by_type(…) … if …
May 29 2008
PCI: eliminate double kfree in intel-iommu initialization
Author: Julia Lawall <julia@diku.dk> The destination of goto error also does a kfree(g_iommus), so it is not correct to do one here. This was found using Coccinelle (http://www.emn.fr/x-info/coccinelle/). Signed-off-by: Julia Lawall Signed-off-by: Jesse Barnes — drivers/pci/intel-iommu.c | 1 – 1 file changed, 1 deletion(-) diff –git a/drivers/pci/intel-iommu.c b/drivers/pci/intel-iommu.c index 66c0fd2..4f05d91 100644 — a/drivers/pci/intel-iommu.c +++ …
May 13 2008
pppol2tp: Remove null pointer dereference.
Author: Julia Lawall <julia@diku.dk> If session is NULL, it is not possible to access its name field. So I have split apart the printing of the error message to drop the printing of the name field in this case. The macro PRINTK actually only evaluates its arguments starting with the third one if the bitwise …
May 13 2008
drivers/video/pnx4008: eliminate double free
Author: Julia Lawall <julia@diku.dk> The function framebuffer_release just calls kfree, so calling kfree subsequently on the same argument represents a double free. The comments with the definition of framebuffer_release in drivers/video/fbsysfs.c suggest that a more elaborate definition of this function is planned, such that the splitting up of framebuffer_release and kfree as done in the …
May 12 2008
drivers/net/fs_enet: remove null pointer dereference
Author: Julia Lawall <julia@diku.dk> The following code appears in the function fs_init_instance in the file drivers/net/fs_enet/fs_enet-main.c. if (fep->ops == NULL) { printk(KERN_ERR DRV_MODULE_NAME « : %s No matching ops found (%d).\n », ndev->name, fpi->fs_no); err = -EINVAL; goto err; } This code implies that at the point of err, fep->ops can be NULL, so an extra test …
