1// SPDX-License-Identifier: GPL-2.0-only 2/// This semantic patch looks for kmalloc etc that are not followed by a 3/// NULL check. It only gives a report in the case where there is some 4/// error handling code later in the function, which may be helpful 5/// in determining what the error handling code for the call to kmalloc etc 6/// should be. 7/// 8// Confidence: High 9// Copyright: (C) 2010 Nicolas Palix, DIKU. 10// Copyright: (C) 2010 Julia Lawall, DIKU. 11// Copyright: (C) 2010 Gilles Muller, INRIA/LiP6. 12// URL: https://coccinelle.gitlabpages.inria.fr/website 13// Comments: 14// Options: --no-includes --include-headers 15 16virtual context 17virtual org 18virtual report 19 20@withtest@ 21expression x; 22position p; 23identifier f,fld; 24@@ 25 26x@p = f(...); 27... when != x->fld 28\(x == NULL \| x != NULL\) 29 30@fixed depends on context && !org && !report@ 31expression x,x1; 32position p1 != withtest.p; 33statement S; 34position any withtest.p; 35identifier f; 36@@ 37 38*x@p1 = \(kmalloc\|kzalloc\|kcalloc\)(...); 39... 40*x1@p = f(...); 41if (!x1) S 42 43// ------------------------------------------------------------------------ 44 45@rfixed depends on (org || report) && !context exists@ 46expression x,x1; 47position p1 != withtest.p; 48position p2; 49statement S; 50position any withtest.p; 51identifier f; 52@@ 53 54x@p1 = \(kmalloc\|kzalloc\|kcalloc\)(...); 55... 56x1@p = f@p2(...); 57if (!x1) S 58 59@script:python depends on org@ 60p1 << rfixed.p1; 61p2 << rfixed.p2; 62@@ 63 64cocci.print_main("alloc call",p1) 65cocci.print_secs("possible model",p2) 66 67@script:python depends on report@ 68p1 << rfixed.p1; 69p2 << rfixed.p2; 70@@ 71 72msg = "alloc with no test, possible model on line %s" % (p2[0].line) 73coccilib.report.print_report(p1[0],msg) 74