Memdup_user encapsulates a memory allocation with the flag GFP_KERNEL, so
only allow this flag in the original code.
Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.com>
virtual report
@depends on patch@
virtual report
@depends on patch@
-expression from,to,size,flag;
+expression from,to,size;
-- to = \(kmalloc\|kzalloc\)(size,flag);
+- to = \(kmalloc\|kzalloc\)(size,GFP_KERNEL);
+ to = memdup_user(from,size);
if (
- to==NULL
+ to = memdup_user(from,size);
if (
- to==NULL
- }
@r depends on !patch@
- }
@r depends on !patch@
-expression from,to,size,flag;
+expression from,to,size;
position p;
statement S1,S2;
@@
position p;
statement S1,S2;
@@
-* to = \(kmalloc@p\|kzalloc@p\)(size,flag);
+* to = \(kmalloc@p\|kzalloc@p\)(size,GFP_KERNEL);
if (to==NULL || ...) S1
if (copy_from_user(to, from, size) != 0)
S2
if (to==NULL || ...) S1
if (copy_from_user(to, from, size) != 0)
S2