[PATCH 0/5] eliminate possible double free

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



These patches fix cases where a called function frees some data and the
calling context frees the same data.

The complete semantic match is as follows: (http://coccinelle.lip6.fr/)

// <smpl>
@r exists@
parameter list[n] ps;
type T;
identifier a;
expression e;
expression ret != 0;
identifier f,free;
position p1;
@@

f(ps,T a,...) {
  ... when any
      when != a = e
  if(...) { ... free@p1(a); ... return ret; }
  ... when any
}

@s exists@
identifier r.f,r.free;
expression x,a;
position p2,p3;
expression list[r.n] xs;
@@

x = f@p2(xs,a,...);
if (...) { ... free@p3(a); ... return ...; }

@script:python@
p1 << r.p1;
p2 << s.p2;
p3 << s.p3;
@@

cocci.print_main("",p1)
cocci.print_secs("",p2)
cocci.print_secs("",p3)
// </smpl>

--
To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Kernel Development]     [Kernel Announce]     [Kernel Newbies]     [Linux Networking Development]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Device Mapper]

  Powered by Linux