blob: 2efac289fd59d2beb755593acdd0c6fc39f3ec61 [file] [log] [blame]
Julia Lawall29a36d42012-01-14 23:41:54 +01001/// Use memdup_user rather than duplicating its implementation
Nicolas Palix03417452010-08-24 17:39:07 +02002/// This is a little bit restricted to reduce false positives
3///
4// Confidence: High
Julia Lawall29a36d42012-01-14 23:41:54 +01005// Copyright: (C) 2010-2012 Nicolas Palix. GPLv2.
6// Copyright: (C) 2010-2012 Julia Lawall, INRIA/LIP6. GPLv2.
7// Copyright: (C) 2010-2012 Gilles Muller, INRIA/LiP6. GPLv2.
Nicolas Palix03417452010-08-24 17:39:07 +02008// URL: http://coccinelle.lip6.fr/
9// Comments:
10// Options: -no_includes -include_headers
11
12virtual patch
Julia Lawall29a36d42012-01-14 23:41:54 +010013virtual context
14virtual org
15virtual report
Nicolas Palix03417452010-08-24 17:39:07 +020016
Julia Lawall29a36d42012-01-14 23:41:54 +010017@depends on patch@
Nicolas Palix03417452010-08-24 17:39:07 +020018expression from,to,size,flag;
Nicolas Palix03417452010-08-24 17:39:07 +020019identifier l1,l2;
20@@
21
Julia Lawall29a36d42012-01-14 23:41:54 +010022- to = \(kmalloc\|kzalloc\)(size,flag);
Nicolas Palix03417452010-08-24 17:39:07 +020023+ to = memdup_user(from,size);
24 if (
25- to==NULL
26+ IS_ERR(to)
27 || ...) {
28 <+... when != goto l1;
29- -ENOMEM
30+ PTR_ERR(to)
31 ...+>
32 }
33- if (copy_from_user(to, from, size) != 0) {
34- <+... when != goto l2;
35- -EFAULT
36- ...+>
37- }
Julia Lawall29a36d42012-01-14 23:41:54 +010038
39@r depends on !patch@
40expression from,to,size,flag;
41position p;
42statement S1,S2;
43@@
44
45* to = \(kmalloc@p\|kzalloc@p\)(size,flag);
46 if (to==NULL || ...) S1
47 if (copy_from_user(to, from, size) != 0)
48 S2
49
50@script:python depends on org@
51p << r.p;
52@@
53
54coccilib.org.print_todo(p[0], "WARNING opportunity for memdep_user")
55
56@script:python depends on report@
57p << r.p;
58@@
59
60coccilib.report.print_report(p[0], "WARNING opportunity for memdep_user")