>
> Awesome! I'll take a look into this. :)
>
Here is another script for your #83 ticket.
Currently, it issues 598 warnings.
// SPDX-License-Identifier: GPL-2.0-only
///
/// Check for missing overflow checks in allocation functions.
/// Low confidence because it's pointless to check for overflow
/// relatively small allocations.
///
// Confidence: Low
// Copyright: (C) 2020 Denis Efremov ISPRAS
// Options: --no-includes --include-headers
virtual patch
virtual context
virtual org
virtual report
@depends on patch@
expression E1, E2, E3, E4, size;
@@
(
- size = E1 * E2;
+ size = array_size(E1, E2);
|
- size = E1 * E2 * E3;
+ size = array3_size(E1, E2, E3);
|
- size = E1 * E2 + E3;
+ size = struct_size(E1, E2, E3);
)
... when != size = E4
when != size += E4
when != size -= E4
when != size *= E4
when != &size
\(kmalloc\|krealloc\|kzalloc\|kzalloc_node\|
vmalloc\|vzalloc\|vzalloc_node\|
kvmalloc\|kvzalloc\|kvzalloc_node\|
sock_kmalloc\|
f2fs_kmalloc\|f2fs_kzalloc\|f2fs_kvmalloc\|f2fs_kvzalloc\|
devm_kmalloc\|devm_kzalloc\)
(..., size, ...)
@r depends on !patch@
expression E1, E2, E3, E4, size;
position p;
@@
(
* size = E1 * E2;@p
|
* size = E1 * E2 * E3;@p
|
* size = E1 * E2 + E3;@p
)
... when != size = E4
when != size += E4
when != size -= E4
when != size *= E4
when != &size
* \(kmalloc\|krealloc\|kzalloc\|kzalloc_node\|
vmalloc\|vzalloc\|vzalloc_node\|
kvmalloc\|kvzalloc\|kvzalloc_node\|
sock_kmalloc\|
f2fs_kmalloc\|f2fs_kzalloc\|f2fs_kvmalloc\|f2fs_kvzalloc\|
devm_kmalloc\|devm_kzalloc\)
(..., size, ...)
@script:python depends on report@
p << r.p;
@@
coccilib.report.print_report(p[0], "WARNING: missing overflow check")
@script:python depends on org@
p << r.p;
@@
coccilib.org.print_todo(p[0], "WARNING: missing overflow check")
