Author: Julia Lawall <julia@diku.dk> The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ expression from,to,size,flag; position p; identifier l1,l2; @@ – to = \(kmalloc@p\|kzalloc@p\)(size,flag); + to = memdup_user(from,size); if ( – to==NULL + IS_ERR(to) || …) { } – if (copy_from_user(to, from, size) != 0) { – – } // Signed-off-by: …
Jul 21 2010
drivers/block: use memdup_user
Author: Julia Lawall <julia@diku.dk> Use memdup_user when user data is immediately copied into the allocated region. Some checkpatch cleanups in nearby code. The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ expression from,to,size,flag; position p; identifier l1,l2; @@ – to = \(kmalloc@p\|kzalloc@p\)(size,flag); + to = memdup_user(from,size); if ( – to==NULL + …
Jul 21 2010
V4L/DVB: drivers/video/omap2/displays: add missing mutex_unlock
Author: Julia Lawall <julia@diku.dk> Add a mutex_unlock missing on the error paths. The use of the mutex is balanced elsewhere in the file. The semantic match that finds this problem is as follows: (http://coccinelle.lip6.fr/) // @@ expression E1; @@ * mutex_lock(E1,…); * mutex_unlock(E1,…); // Signed-off-by: Julia Lawall Acked-by: Mike Isely Signed-off-by: Andrew Morton Signed-off-by: Mauro …
Jul 20 2010
arch/um/drivers: remove duplicate structure field initialization
Author: Julia Lawall <julia@diku.dk> There are two initializations of ndo_set_mac_address, one to a local function that is not used otherwise and one to a function that is defined elsewhere. The semantic match that finds this problem is as follows: (http://coccinelle.lip6.fr/) // @r@ identifier I, s, fld; position p0,p; expression E; @@ struct I s =@p0 …
Jul 17 2010
dma: dmatest: fix potential sign bug
Author: Kulikov Vasiliy <segooon@gmail.com> ‘cnt’ is unsigned, so this code may become wrong in future as dmatest_add_threads() can return error code: cnt = dmatest_add_threads(dtc, DMA_MEMCPY); thread_count += cnt > 0 ? cnt : 0; ^^^^^^^ Now it can return only -EINVAL if and only if second argument of dmatest_add_threads() is not one of DMA_MEMCPY, DMA_XOR, …
Jul 17 2010
arm: mach-davinci: check irq2ctlr() result
Author: Kulikov Vasiliy <segooon@gmail.com> If irq2ctlr() fails return IRQ_NONE. Also as it can fail make ‘ctlr’ signed. The semantic patch that finds this problem (many false-positive results): (http://coccinelle.lip6.fr/) // @ r1 @ identifier f; @@ int f(…) { … } @@ identifier r1.f; type T; unsigned T x; @@ *x = f(…) … *x > …
Jul 17 2010
net: dccp: fix sign bug
Author: Kulikov Vasiliy <segooon@gmail.com> ‘gap’ is unsigned, so this code is wrong: gap = -new_head; … if (gap > 0) { … } Make ‘gap’ signed. The semantic patch that finds this problem (many false-positive results): (http://coccinelle.lip6.fr/) // @ r1 @ identifier f; @@ int f(…) { … } @@ identifier r1.f; type T; unsigned …
Jul 01 2010
V4L/DVB: drivers/media/video/zoran: Use kmemdup
Author: Julia Lawall <julia@diku.dk> Use kmemdup when some other buffer is immediately copied into the allocated region. A simplified version of the semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ expression from,to,size,flag; statement S; @@ – to = \(kmalloc\|kzalloc\)(size,flag); + to = kmemdup(from,size,flag); if (to==NULL || …) S – memcpy(to, from, …
Jul 01 2010
V4L/DVB: drivers/media/video/tlg2300: Use kmemdup
Author: Julia Lawall <julia@diku.dk> Use kmemdup when some other buffer is immediately copied into the allocated region. A simplified version of the semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ expression from,to,size,flag; statement S; @@ – to = \(kmalloc\|kzalloc\)(size,flag); + to = kmemdup(from,size,flag); if (to==NULL || …) S – memcpy(to, from, …
Jul 01 2010
V4L/DVB: drivers/media/video/uvc: Use kmemdup
Author: Julia Lawall <julia@diku.dk> Use kmemdup when some other buffer is immediately copied into the allocated region. A simplified version of the semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ expression from,to,size,flag; statement S; @@ – to = \(kmalloc\|kzalloc\)(size,flag); + to = kmemdup(from,size,flag); if (to==NULL || …) S – memcpy(to, from, …
