Structures allocated by crypto_alloc_* must be freed using crypto_free_*. Signed-off-by: Konstantin Khlebnikov <k.khlebnikov at samsung.com> --- scripts/coccinelle/free/crypto_free.cocci | 64 +++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) create mode 100644 scripts/coccinelle/free/crypto_free.cocci diff --git a/scripts/coccinelle/free/crypto_free.cocci b/scripts/coccinelle/free/crypto_free.cocci new file mode 100644 index 0000000..a717070 --- /dev/null +++ b/scripts/coccinelle/free/crypto_free.cocci @@ -0,0 +1,64 @@ +/// +/// Structures allocated by crypto_alloc_* must be freed using crypto_free_*. +/// This finds freeing them by kfree. +/// +// Confidence: Moderate +// Copyright: (C) 2014 Konstantin Khlebnikov, GPLv2. +// Comments: There are false positives in crypto/ where they are actually freed. +// Keywords: crypto, kfree +// Options: --no-includes --include-headers + +virtual org +virtual report +virtual context + + at r depends on context || org || report@ +expression x; +@@ + +( + x = crypto_alloc_base(...) +| + x = crypto_alloc_cipher(...) +| + x = crypto_alloc_ablkcipher(...) +| + x = crypto_alloc_aead(...) +| + x = crypto_alloc_instance(...) +| + x = crypto_alloc_instance2(...) +| + x = crypto_alloc_comp(...) +| + x = crypto_alloc_pcomp(...) +| + x = crypto_alloc_hash(...) +| + x = crypto_alloc_ahash(...) +| + x = crypto_alloc_shash(...) +| + x = crypto_alloc_rng(...) +) + + at pb@ +expression r.x; +position p; +@@ + +* kfree at p(x) + + at script:python depends on org@ +p << pb.p; +@@ + +msg="WARNING: invalid free of crypto_alloc_* allocated data" +coccilib.org.print_todo(p[0], msg) + + at script:python depends on report@ +p << pb.p; +@@ + +msg="WARNING: invalid free of crypto_alloc_* allocated data" +coccilib.report.print_report(p[0], msg)
