On Fri, 13 Nov 2009, Valdis.Kletnieks@xxxxxx wrote: > On Thu, 12 Nov 2009 18:11:55 PST, Casey Schaufler said: > > James Morris wrote: > > > Do you see potential for a buffer overrun in this case? > > > No, but I hate arguing with people who think that every time > > they see strcmp that they have found a security flaw. > > How do you feel about people who think every time they see strcmp() > "Oh crap, something that needs auditing"? ;) > > The biggest problem with strcmp() is that even if it got audited when that code > went in, it's prone to unaudited breakage when somebody changes something in > some other piece of code, quite often in some other .c file in some other > directory. > > Julia, is there a way to use coccinelle to detect unsafe changes like that? Or > is expressing those semantics too difficult? Could you give a concrete example of something that would be a problem? If something like alias analysis is required, to know what strings a variable might be bound to, that might be difficult. Coccinelle works better when there is some concrete codeto match against. But it is possible to eg match functions that have a certain property of their return value, or to collect all of the values that are stored in a structure field. julia -- To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
