Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp756769ybt; Wed, 17 Jun 2020 13:10:27 -0700 (PDT) X-Google-Smtp-Source: ABdhPJw3SNs5lgDAbGVNgo8tkyvXZ/ond2+k3EHq9KaL23ApDqupKPiFXIG3VYtdvMEdX5fqfq8C X-Received: by 2002:a17:906:f49:: with SMTP id h9mr839347ejj.155.1592424627145; Wed, 17 Jun 2020 13:10:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1592424627; cv=none; d=google.com; s=arc-20160816; b=PGKXvuulOZyU5uvOzR2Fh8uoAaC04LZne5Z+spNMGXVNx1b4nTAmfwT8QarM7DcsU9 wwPkE+j3TGlRMLsMR32Wh7nboFkEs8XrL9I/8HnNHeYSThBzQ5eytihWXiSojkRMCNJR 7Sslfk/zZhYFf6dxxuyiBKdiH5ToSJQSOq0QiE/Lfz4cHIPEfKC4J7wzmaJGIeS//dc5 bYHXXEMHvSY/FOD5w5HLkWAfJfjGJrGWNDL23xNkfRkg0tzaQq2YhY7TYBAZYSDivtDv cG86rW5nMvOph08ToFhEUyev5fwUWZjWbks6W+YyhdeBqdz3fsh1161tmDHY4BhiC9n2 7ruw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :message-id:in-reply-to:subject:cc:to:from:date; bh=5ArAqgf/xfRjsHocz7QBQFmi3mcotqopdKvhE2z46Yc=; b=rpCrFrPk+QA7uO7h6uVIWvOenPTjewlBShifoXowpP2gIpDL5ts8zyY/+yrMQ+LLgt 6fIVrUupzIySyVrs+r2gqhY4NmNz5GAq46KqOhB0PdGa98XqNu3OZT6WMSWKNOpxhfjZ SlQI1iunqokPzllxcaV7gG5ZkIF7h5nUTRqrt4kwwYxSWCtxIXTVJs2mpWNvaHqqd8nB 0ZRuMOUeJsttahgBrL3pHn5R8FA78Z3TZ2TG0x6bSlnfJy/8p6qplm6hDvDjrN45avxv mfNmnWYy0c0fp/5rxLeS2sN3SVCGeG8L0E3cKIrXGLU1JGhuwJs4FwVVFr9riGG330nc 3Izg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id v9si585283edr.417.2020.06.17.13.10.05; Wed, 17 Jun 2020 13:10:27 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726840AbgFQUIX (ORCPT + 99 others); Wed, 17 Jun 2020 16:08:23 -0400 Received: from mail3-relais-sop.national.inria.fr ([192.134.164.104]:46855 "EHLO mail3-relais-sop.national.inria.fr" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726597AbgFQUIW (ORCPT ); Wed, 17 Jun 2020 16:08:22 -0400 X-IronPort-AV: E=Sophos;i="5.73,523,1583190000"; d="scan'208";a="351904042" Received: from abo-173-121-68.mrs.modulonet.fr (HELO hadrien) ([85.68.121.173]) by mail3-relais-sop.national.inria.fr with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 17 Jun 2020 22:08:19 +0200 Date: Wed, 17 Jun 2020 22:08:19 +0200 (CEST) From: Julia Lawall X-X-Sender: jll@hadrien To: Denis Efremov cc: "Gustavo A. R. Silva" , Kees Cook , cocci@systeme.lip6.fr, linux-kernel@vger.kernel.org Subject: Re: [Cocci] [PATCH] coccinelle: misc: add array_size_dup script to detect missed overlow checks In-Reply-To: Message-ID: References: <20200615102045.4558-1-efremov@linux.com> <202006151123.3C2CB7782@keescook> <4dd9c371-0c37-a4bb-e957-3848cb1a13ff@embeddedor.com> User-Agent: Alpine 2.22 (DEB 394 2020-01-19) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, 17 Jun 2020, Denis Efremov wrote: > > > > > Awesome! I'll take a look into this. :) > > > Here is another script for your #83 ticket. > Currently, it issues 598 warnings. > > // SPDX-License-Identifier: GPL-2.0-only > /// > /// Check for missing overflow checks in allocation functions. > /// Low confidence because it's pointless to check for overflow > /// relatively small allocations. > /// > // Confidence: Low > // Copyright: (C) 2020 Denis Efremov ISPRAS > // Options: --no-includes --include-headers > > virtual patch > virtual context > virtual org > virtual report > > @depends on patch@ > expression E1, E2, E3, E4, size; > @@ > > ( > - size = E1 * E2; > + size = array_size(E1, E2); > | > - size = E1 * E2 * E3; > + size = array3_size(E1, E2, E3); > | > - size = E1 * E2 + E3; > + size = struct_size(E1, E2, E3); Should the arguments be checked to see if they have something to do with arrays and structures? > ) > ... when != size = E4 > when != size += E4 > when != size -= E4 > when != size *= E4 Here you can have a metavariable assignment operator aop; and then say size aop E4 It doesn't really look like an assignment any more, but it could be a little safer. julia > when != &size > \(kmalloc\|krealloc\|kzalloc\|kzalloc_node\| > vmalloc\|vzalloc\|vzalloc_node\| > kvmalloc\|kvzalloc\|kvzalloc_node\| > sock_kmalloc\| > f2fs_kmalloc\|f2fs_kzalloc\|f2fs_kvmalloc\|f2fs_kvzalloc\| > devm_kmalloc\|devm_kzalloc\) > (..., size, ...) > > @r depends on !patch@ > expression E1, E2, E3, E4, size; > position p; > @@ > > ( > * size = E1 * E2;@p > | > * size = E1 * E2 * E3;@p > | > * size = E1 * E2 + E3;@p > ) > ... when != size = E4 > when != size += E4 > when != size -= E4 > when != size *= E4 > when != &size > * \(kmalloc\|krealloc\|kzalloc\|kzalloc_node\| > vmalloc\|vzalloc\|vzalloc_node\| > kvmalloc\|kvzalloc\|kvzalloc_node\| > sock_kmalloc\| > f2fs_kmalloc\|f2fs_kzalloc\|f2fs_kvmalloc\|f2fs_kvzalloc\| > devm_kmalloc\|devm_kzalloc\) > (..., size, ...) > > @script:python depends on report@ > p << r.p; > @@ > > coccilib.report.print_report(p[0], "WARNING: missing overflow check") > > @script:python depends on org@ > p << r.p; > @@ > > coccilib.org.print_todo(p[0], "WARNING: missing overflow check") > _______________________________________________ > Cocci mailing list > Cocci@systeme.lip6.fr > https://systeme.lip6.fr/mailman/listinfo/cocci >