The semantic match that finds this problem:
// <smpl>
@@
type T;
identifier x;
@@
T *x;
...
* memset(x, ..., ... * sizeof(x) * ...);
// </smpl>
Signed-off-by: Ilia Mirkin <[email protected]>
---
fs/nfs_common/nfsacl.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Untested. But it's unlikely that the original intention was to only
zero out the acl's refcount. However all of the acl's fields are
explicitly initialized, so perhaps this can just be removed entirely.
Unless the intention was to avoid leaking stack data in the structure's
padding bytes.
diff --git a/fs/nfs_common/nfsacl.c b/fs/nfs_common/nfsacl.c
index 84c27d6..bc6d81b 100644
--- a/fs/nfs_common/nfsacl.c
+++ b/fs/nfs_common/nfsacl.c
@@ -117,7 +117,7 @@ int nfsacl_encode(struct xdr_buf *buf, unsigned int base, struct inode *inode,
* invoked in contexts where a memory allocation failure is
* fatal. Fortunately this fake ACL is small enough to
* construct on the stack. */
- memset(acl2, 0, sizeof(acl2));
+ memset(acl2, 0, sizeof(*acl2));
posix_acl_init(acl2, 4);
/* Insert entries in canonical order: other orders seem
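Review bot: before settling on sizeof(*acl2), decide whether the memset should exist at all, since the commit message itself says every field of the acl is initialized explicitly and posix_acl_init(acl2, 4) follows immediately after the memset. As written, the hunk turns a memset that cleared only the first sizeof(pointer) bytes of the stack-allocated struct into one that clears the whole object, which is the right size but leaves the reader guessing why a full zeroing precedes a full explicit initialization. Either drop the memset or keep it with a comment stating its purpose, e.g. `/* clear padding so no stack data leaks through it */`, because field-by-field assignment does not touch padding bytes and the surrounding comment only explains why the ACL lives on the stack, not why it is zeroed.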
--
1.7.3.4
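The two questions the commit message raises, what memset(acl2, 0, sizeof(acl2)) actually clears and whether explicit field initialization leaves stale stack data in padding, shown as an added C example. This is not the patch's code nor anything from fs/nfs_common/nfsacl.c: struct fake_acl, the POISON value, padding_bytes() and the stale_after_* helpers are hypothetical stand-ins for the stack-allocated ACL, chosen so the layout has padding on the usual ABIs.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a small stack-allocated ACL. The char/int/short
 * layout deliberately leaves padding between and after the fields on the
 * usual ABIs; the exact amount is computed at runtime by padding_bytes(). */
struct fake_acl {
    char  type;        /* followed by padding before the int */
    int   refcount;
    short perm;        /* followed by padding before the int array */
    int   entries[4];
};

/* Byte value standing in for whatever was left on the stack. */
#define POISON 0xAA

/* Simulate stale stack contents by filling the whole object with POISON. */
static void poison(struct fake_acl *a)
{
    memset(a, POISON, sizeof(*a));
}

/* Count bytes of the object that still hold POISON, i.e. were never written.
 * Reading through unsigned char * is the portable way to inspect padding. */
static size_t count_poison(const struct fake_acl *a)
{
    const unsigned char *p = (const unsigned char *)a;
    size_t n = 0;
    for (size_t i = 0; i < sizeof(*a); i++)
        if (p[i] == POISON)
            n++;
    return n;
}

/* Padding in struct fake_acl: total size minus the bytes the fields occupy. */
size_t padding_bytes(void)
{
    struct fake_acl a;
    return sizeof(a) - (sizeof(a.type) + sizeof(a.refcount)
                        + sizeof(a.perm) + sizeof(a.entries));
}

/* The bug as in the original line: sizeof(acl2) is the size of the pointer,
 * so only the first sizeof(void *) bytes of the struct are cleared. The
 * length goes through a variable only so compilers do not flag the obvious
 * sizeof-on-pointer misuse; the behaviour is identical to the inline form. */
size_t stale_after_wrong_sizeof(void)
{
    struct fake_acl a;
    struct fake_acl *acl2 = &a;
    size_t wrong_len = sizeof(acl2);   /* pointer size, not struct size */

    poison(acl2);
    memset(acl2, 0, wrong_len);
    return count_poison(acl2);         /* sizeof(a) - sizeof(acl2) bytes left */
}

/* The patched form: sizeof(*acl2) clears the whole object, padding included. */
size_t stale_after_right_sizeof(void)
{
    struct fake_acl a;
    struct fake_acl *acl2 = &a;

    poison(acl2);
    memset(acl2, 0, sizeof(*acl2));
    return count_poison(acl2);         /* 0 */
}

/* No memset, every field assigned explicitly: the padding bytes are never
 * written, so stale stack data survives there. If the object is later copied
 * to user space or encoded whole, that is the leak the commit message alludes to. */
size_t stale_after_field_init(void)
{
    struct fake_acl a;
    struct fake_acl *acl2 = &a;

    poison(acl2);
    acl2->type = 1;
    acl2->refcount = 1;
    acl2->perm = 0;
    for (size_t i = 0; i < 4; i++)
        acl2->entries[i] = 0;
    return count_poison(acl2);         /* == padding_bytes() */
}

int main(void)
{
    printf("sizeof(struct fake_acl) = %zu, padding = %zu\n",
           sizeof(struct fake_acl), padding_bytes());
    printf("stale bytes after memset(..., sizeof(acl2)):  %zu\n", stale_after_wrong_sizeof());
    printf("stale bytes after memset(..., sizeof(*acl2)): %zu\n", stale_after_right_sizeof());
    printf("stale bytes after field-by-field init:        %zu\n", stale_after_field_init());
    return 0;
}
```

The third function is the one that matters for the "just remove the memset" option: removing it is safe only if nothing ever reads the struct as raw bytes (a whole-struct copy to user space, an encoder that walks sizeof(*acl2) bytes, a hash over the object). If something does, the memset(acl2, 0, sizeof(*acl2)) form is the fix that also clears the padding.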
On Sun, Feb 20, 2011 at 10:33 PM, Ilia Mirkin <[email protected]> wrote:
> The semantic match that finds this problem:
> // <smpl>
> @@
> type T;
> identifier x;
> @@
>
> T *x;
> ...
> * memset(x, ..., ... * sizeof(x) * ...);
> // </smpl>
>
> Signed-off-by: Ilia Mirkin <[email protected]>
>
> ---
> fs/nfs_common/nfsacl.c |    2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> Untested. But it's unlikely that the original intention was to only
> zero out the acl's refcount. However all of the acl's fields are
> explicitly initialized, so perhaps this can just be removed entirely.
> Unless the intention was to avoid leaking stack data in the structure's
> padding bytes.
Erm, nevermind. Looks like there already was a thread about this, with
the resolution to just remove the memset, but the patch just hadn't
made it upstream yet.
--
Ilia Mirkin
[email protected]