__ __ __ __ _____ _ _ _____ _ _ _ | \/ | \ \ / / | __ \ (_) | | / ____| | | | | | \ / |_ __\ V / | |__) | __ ___ ____ _| |_ ___ | (___ | |__ ___| | | | |\/| | '__|> < | ___/ '__| \ \ / / _` | __/ _ \ \___ \| '_ \ / _ \ | | | | | | |_ / . \ | | | | | |\ V / (_| | || __/ ____) | | | | __/ | | |_| |_|_(_)_/ \_\ |_| |_| |_| \_/ \__,_|\__\___| |_____/|_| |_|\___V 2.1 if you need WebShell for Seo everyday contact me on Telegram Telegram Address : @jackleetFor_More_Tools:
// SPDX-License-Identifier: GPL-2.0-only
/// Use memdup_user rather than duplicating its implementation
/// This is a little bit restricted to reduce false positives
///
// Confidence: High
// Copyright: (C) 2010-2012 Nicolas Palix.
// Copyright: (C) 2010-2012 Julia Lawall, INRIA/LIP6.
// Copyright: (C) 2010-2012 Gilles Muller, INRIA/LiP6.
// URL: https://coccinelle.gitlabpages.inria.fr/website
// Comments:
// Options: --no-includes --include-headers
virtual patch
virtual context
virtual org
virtual report
@initialize:python@
@@
filter = frozenset(['memdup_user', 'vmemdup_user'])
def relevant(p):
return not (filter & {el.current_element for el in p})
@depends on patch@
expression from,to,size;
identifier l1,l2;
position p : script:python() { relevant(p) };
@@
- to = \(kmalloc@p\|kzalloc@p\)
- (size,\(GFP_KERNEL\|GFP_USER\|
- \(GFP_KERNEL\|GFP_USER\)|__GFP_NOWARN\));
+ to = memdup_user(from,size);
if (
- to==NULL
+ IS_ERR(to)
|| ...) {
<+... when != goto l1;
- -ENOMEM
+ PTR_ERR(to)
...+>
}
- if (copy_from_user(to, from, size) != 0) {
- <+... when != goto l2;
- -EFAULT
- ...+>
- }
@depends on patch@
expression from,to,size;
identifier l1,l2;
position p : script:python() { relevant(p) };
@@
- to = \(kvmalloc@p\|kvzalloc@p\)(size,\(GFP_KERNEL\|GFP_USER\));
+ to = vmemdup_user(from,size);
if (
- to==NULL
+ IS_ERR(to)
|| ...) {
<+... when != goto l1;
- -ENOMEM
+ PTR_ERR(to)
...+>
}
- if (copy_from_user(to, from, size) != 0) {
- <+... when != goto l2;
- -EFAULT
- ...+>
- }
@r depends on !patch@
expression from,to,size;
position p : script:python() { relevant(p) };
statement S1,S2;
@@
* to = \(kmalloc@p\|kzalloc@p\)
(size,\(GFP_KERNEL\|GFP_USER\|
\(GFP_KERNEL\|GFP_USER\)|__GFP_NOWARN\));
if (to==NULL || ...) S1
if (copy_from_user(to, from, size) != 0)
S2
@rv depends on !patch@
expression from,to,size;
position p : script:python() { relevant(p) };
statement S1,S2;
@@
* to = \(kvmalloc@p\|kvzalloc@p\)(size,\(GFP_KERNEL\|GFP_USER\));
if (to==NULL || ...) S1
if (copy_from_user(to, from, size) != 0)
S2
@script:python depends on org@
p << r.p;
@@
coccilib.org.print_todo(p[0], "WARNING opportunity for memdup_user")
@script:python depends on report@
p << r.p;
@@
coccilib.report.print_report(p[0], "WARNING opportunity for memdup_user")
@script:python depends on org@
p << rv.p;
@@
coccilib.org.print_todo(p[0], "WARNING opportunity for vmemdup_user")
@script:python depends on report@
p << rv.p;
@@
coccilib.report.print_report(p[0], "WARNING opportunity for vmemdup_user")
| Name | Type | Size | Permission | Actions |
|---|---|---|---|---|
| alloc | Folder | 0755 |
|
|
| atomic_as_refcounter.cocci | File | 2.27 KB | 0644 |
|
| check_bq27xxx_data.cocci | File | 3.48 KB | 0644 |
|
| d_find_alias.cocci | File | 1.3 KB | 0644 |
|
| device_attr_show.cocci | File | 1.06 KB | 0644 |
|
| err_cast.cocci | File | 1.11 KB | 0644 |
|
| kfree_mismatch.cocci | File | 5.56 KB | 0644 |
|
| kfree_sensitive.cocci | File | 1.91 KB | 0644 |
|
| kstrdup.cocci | File | 2.44 KB | 0644 |
|
| kvmalloc.cocci | File | 6.14 KB | 0644 |
|
| memdup.cocci | File | 1.36 KB | 0644 |
|
| memdup_user.cocci | File | 2.6 KB | 0644 |
|
| platform_get_irq.cocci | File | 1.22 KB | 0644 |
|
| platform_no_drv_owner.cocci | File | 3.81 KB | 0644 |
|
| pm_runtime.cocci | File | 2.39 KB | 0644 |
|
| resource_size.cocci | File | 2.1 KB | 0644 |
|
| simple_open.cocci | File | 1.21 KB | 0644 |
|
| stream_open.cocci | File | 7.67 KB | 0644 |
|
| string_choices.cocci | File | 5.9 KB | 0644 |
|
| vma_pages.cocci | File | 1.48 KB | 0644 |
|