From: julia.lawall@lip6.fr (Julia Lawall)
To: cocci@systeme.lip6.fr
Subject: [Cocci] … adding missing NULL checks
Date: Fri, 23 Dec 2016 07:43:57 +0100 (CET)
Message-ID: <alpine.DEB.2.20.1612230740560.1983@hadrien>
In-Reply-To: <20161222225335.oeswg7cbcm76m3wr@fbsd-laptop.lan>



On Thu, 22 Dec 2016, Thomas Adam wrote:

> On Tue, Dec 20, 2016 at 08:45:26PM +0100, SF Markus Elfring wrote:
> > * A filter criterion like "T = strdup(...);" was specified.
> >   What do you think about using a SmPL disjunction (or an advanced SmPL constraint
> >   on a metavariable with the type "identifier" instead)?
> >
> > * Can the function call "pkg_emit_errno" become a bit more generic by passing
> >   a string from previously matched data?
> >
> > * Would you like to check any more cases so that the technology "data flow analysis"
> >   will also be needed here?
>
> You're right.  The next step I'm looking at is making my checks automatable so
> that they can truly patch code properly.  Right now, what I have is merely a
> "best guess" placeholder which is inserted, leaving the programmer having to
> go in and correct the compilation.
>
> Consider the following rule:
>
> 	T = strdup(...);
> 	+ if (T == NULL) {
> 	+ 	pkg_errno("strdup", __func__);
> 	+	return (EPKG_FATAL);
> 	+ }
> 	... when != (T == NULL)
> 	    when != (T != NULL)
> 	    ? T = strdup(...);
>
> The problem is that if this rule matches, the inserted code will always be:
>
> 	pkg_errno("strdup", __func__);
> 	return (EPKG_FATAL);
>
> That return should *not* be there if the return type of the function the code is
> being inserted to is anything other than "int".  Likewise, if the function
> returns void, it should be "return;", or a pointer should be "NULL".
>
> Is there a clever way of conditionally making this change?

Doing something based on the type would be possible.  For example, you can
have a pattern like (simplified version):

void f(...) { <...
   x = foo();
+  if (!x) return;
   ...> }

Choosing real error handling code that would free the previously allocated
resources is probably beyond the abilities of Coccinelle.

julia
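
Added example, not part of the message above or of Thomas Adam's rule: one way to apply the per-return-type idea is a separate SmPL rule for void, int and pointer-returning functions, reusing pkg_errno() and EPKG_FATAL from the quoted rule. It goes beyond the simplified pattern by leaving alone calls that are already followed by an "if (x == NULL)" test; it does no cleanup of earlier allocations.

```cocci
// Added example: pkg_errno() and EPKG_FATAL come from the quoted rule.
// In each rule the first disjunction branch matches an existing check.
@@
identifier f; expression x; statement S;
@@
void f(...) { <...
(
  x = strdup(...);
  if (x == NULL) S
|
  x = strdup(...);
+ if (x == NULL) {
+	pkg_errno("strdup", __func__);
+	return;
+ }
)
...> }

@@
identifier f; expression x; statement S;
@@
int f(...) { <...
(
  x = strdup(...);
  if (x == NULL) S
|
  x = strdup(...);
+ if (x == NULL) {
+	pkg_errno("strdup", __func__);
+	return (EPKG_FATAL);
+ }
)
...> }

@@
identifier f; expression x; statement S; type T;
@@
T *f(...) { <...
(
  x = strdup(...);
  if (x == NULL) S
|
  x = strdup(...);
+ if (x == NULL) {
+	pkg_errno("strdup", __func__);
+	return NULL;
+ }
)
...> }
```

Functions with any other return type are left untouched by these rules and still need a manual decision.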
