Search Linux Wireless

Re: [patch] wireless: at76c50x: allocating too much data

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On Sat, 21 Apr 2012, Dan Carpenter wrote:

On Sat, Apr 21, 2012 at 05:51:41PM +0300, Dan Carpenter wrote:
On Sat, Apr 21, 2012 at 03:51:44PM +0200, Julia Lawall wrote:
Looking for x = ... sizeof(x) ... I get 9 reports.  In most cases it
looks like sizeof(x) is coincidentally the same as the size that is
wanted.  Two cases that look like they could have some noticible
effect are:

arch/xtensa/platforms/iss/network.c, line 789
drivers/block/cciss.c, line 4211


Clever.  You'd need to restrict it to places where x was a  pointer.
That's better than my check which was specific to kmalloc().  (So
uh...  I'm going to rewrite mine as well to be more generic.  :P)


Hm...  Smatch is not really the right tool here.  By the time Sparse
gives you the sizeof(foo) information, it just looks like a number
8.

I hacked up Sparse a bit so it works for simple expressions which
are one token in from the c tokenizer.  So:

	foo = kmalloc(sizeof(foo), GFP_KERNEL); => error.
	foo->bar = kmalloc(sizeof(foo->bar), GFP_KERNEL); => tricky.

It's not ideal.  Coccinelle is better for this.

On the other hand, Coccinelle has no idea what the size is, so it doesn't know how important the problem is.

julia
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Wireless Personal Area Network]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite Hiking]     [MIPS Linux]     [ARM Linux]     [Linux RAID]

  Powered by Linux