It sounds like Coverity was used to produce these patches? If so, is there a plan to have smatch (hey Dan) or other open source static analysis tool be possibly enhanced to do a similar type of work?
I'd love for that to happen; the tricky part is being able to have even a sort of sensible concept of "trusted" vs "untrusted" value... if you look at a very small window of code, that does not work well; you likely need to even look (as tool) across .c file boundaries
