mirror of
				git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
				synced 2025-09-04 20:19:47 +08:00 
			
		
		
		
	 e754948125
			
		
	
	
		e754948125
		
	
	
	
	
		
			
			include/linux/overflow.h includes helper macros intended for calculating sizes of allocations. These macros prevent accidental overflow by saturating at SIZE_MAX. In general when calculating such sizes use of the macros is preferred. Add a semantic patch which can detect code patterns which can be replaced by struct_size. Note that I set the confidence to medium because this patch doesn't make an attempt to ensure that the relevant array is actually a flexible array. The struct_size macro does specifically require a flexible array. In many cases the detected code could be refactored to a flexible array, but this is not always possible (such as if there are multiple over-allocations). Signed-off-by: Jacob Keller <jacob.e.keller@intel.com> Link: https://lore.kernel.org/r/20230227202428.3657443-1-jacob.e.keller@intel.com Signed-off-by: Kees Cook <keescook@chromium.org>
		
			
				
	
	
		
			75 lines
		
	
	
		
			1.6 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
			
		
		
	
	
			75 lines
		
	
	
		
			1.6 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
| // SPDX-License-Identifier: GPL-2.0-only
 | |
| ///
 | |
| /// Check for code that could use struct_size().
 | |
| ///
 | |
| // Confidence: Medium
 | |
| // Author: Jacob Keller <jacob.e.keller@intel.com>
 | |
| // Copyright: (C) 2023 Intel Corporation
 | |
| // Options: --no-includes --include-headers
 | |
| 
 | |
| virtual patch
 | |
| virtual context
 | |
| virtual org
 | |
| virtual report
 | |
| 
 | |
| // the overflow Kunit tests have some code which intentionally does not use
 | |
| // the macros, so we want to ignore this code when reporting potential
 | |
| // issues.
 | |
| @overflow_tests@
 | |
| identifier f = overflow_size_helpers_test;
 | |
| @@
 | |
| 
 | |
| f
 | |
| 
 | |
| //----------------------------------------------------------
 | |
| //  For context mode
 | |
| //----------------------------------------------------------
 | |
| 
 | |
| @depends on !overflow_tests && context@
 | |
| expression E1, E2;
 | |
| identifier m;
 | |
| @@
 | |
| (
 | |
| * (sizeof(*E1) + (E2 * sizeof(*E1->m)))
 | |
| )
 | |
| 
 | |
| //----------------------------------------------------------
 | |
| //  For patch mode
 | |
| //----------------------------------------------------------
 | |
| 
 | |
| @depends on !overflow_tests && patch@
 | |
| expression E1, E2;
 | |
| identifier m;
 | |
| @@
 | |
| (
 | |
| - (sizeof(*E1) + (E2 * sizeof(*E1->m)))
 | |
| + struct_size(E1, m, E2)
 | |
| )
 | |
| 
 | |
| //----------------------------------------------------------
 | |
| //  For org and report mode
 | |
| //----------------------------------------------------------
 | |
| 
 | |
| @r depends on !overflow_tests && (org || report)@
 | |
| expression E1, E2;
 | |
| identifier m;
 | |
| position p;
 | |
| @@
 | |
| (
 | |
|  (sizeof(*E1)@p + (E2 * sizeof(*E1->m)))
 | |
| )
 | |
| 
 | |
| @script:python depends on org@
 | |
| p << r.p;
 | |
| @@
 | |
| 
 | |
| coccilib.org.print_todo(p[0], "WARNING should use struct_size")
 | |
| 
 | |
| @script:python depends on report@
 | |
| p << r.p;
 | |
| @@
 | |
| 
 | |
| msg="WARNING: Use struct_size"
 | |
| coccilib.report.print_report(p[0], msg)
 | |
| 
 |