e754948125
include/linux/overflow.h includes helper macros intended for calculating sizes of allocations. These macros prevent accidental overflow by saturating at SIZE_MAX. In general when calculating such sizes use of the macros is preferred. Add a semantic patch which can detect code patterns which can be replaced by struct_size. Note that I set the confidence to medium because this patch doesn't make an attempt to ensure that the relevant array is actually a flexible array. The struct_size macro does specifically require a flexible array. In many cases the detected code could be refactored to a flexible array, but this is not always possible (such as if there are multiple over-allocations). Signed-off-by: Jacob Keller <jacob.e.keller@intel.com> Link: https://lore.kernel.org/r/20230227202428.3657443-1-jacob.e.keller@intel.com Signed-off-by: Kees Cook <keescook@chromium.org> |
||
---|---|---|
.. | ||
add_namespace.cocci | ||
array_size_dup.cocci | ||
array_size.cocci | ||
badty.cocci | ||
boolconv.cocci | ||
cond_no_effect.cocci | ||
cstptr.cocci | ||
do_div.cocci | ||
doubleinit.cocci | ||
excluded_middle.cocci | ||
flexible_array.cocci | ||
ifcol.cocci | ||
irqf_oneshot.cocci | ||
minmax.cocci | ||
newline_in_nl_msg.cocci | ||
noderef.cocci | ||
of_table.cocci | ||
orplus.cocci | ||
returnvar.cocci | ||
semicolon.cocci | ||
struct_size.cocci | ||
swap.cocci | ||
test_addr.cocci | ||
uninitialized_var.cocci | ||
warn.cocci |