1 /* 2 * Copyright (C) 2011 Dan Carpenter. 3 * 4 * This program is free software; you can redistribute it and/or 5 * modify it under the terms of the GNU General Public License 6 * as published by the Free Software Foundation; either version 2 7 * of the License, or (at your option) any later version. 8 * 9 * This program is distributed in the hope that it will be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program; if not, see http://www.gnu.org/copyleft/gpl.txt 16 */ 17 18 #include "smatch.h" 19 20 static int my_id; 21 22 static int get_data_size(struct expression *ptr) 23 { 24 struct symbol *type; 25 26 type = get_type(ptr); 27 if (!type || type->type != SYM_PTR) 28 return 0; 29 type = get_base_type(type); 30 if (!type) 31 return 0; 32 return type_bytes(type); 33 } 34 35 static void check_size_matches(int data_size, struct expression *size_expr) 36 { 37 sval_t sval; 38 39 if (data_size == 1) /* this is generic a buffer */ 40 return; 41 42 if (!get_implied_value(size_expr, &sval)) 43 return; 44 if (sval_cmp_val(sval, data_size) != 0) 45 sm_warning("double check that we're allocating correct size: %d vs %s", data_size, sval_to_str(sval)); 46 } 47 48 static void match_alloc(const char *fn, struct expression *expr, void *unused) 49 { 50 struct expression *call = strip_expr(expr->right); 51 struct expression *arg; 52 int ptr_size; 53 54 ptr_size = get_data_size(expr->left); 55 if (!ptr_size) 56 return; 57 58 arg = get_argument_from_call_expr(call->args, 0); 59 arg = strip_expr(arg); 60 if (!arg || arg->type != EXPR_BINOP || arg->op != '*') 61 return; 62 if (expr->left->type == EXPR_SIZEOF) 63 check_size_matches(ptr_size, arg->left); 64 if (expr->right->type == EXPR_SIZEOF) 65 check_size_matches(ptr_size, arg->right); 66 } 67 68 static void match_calloc(const char *fn, struct expression *expr, void *_arg_nr) 69 { 70 int arg_nr = PTR_INT(_arg_nr); 71 struct expression *call = strip_expr(expr->right); 72 struct expression *arg; 73 int ptr_size; 74 75 ptr_size = get_data_size(expr->left); 76 if (!ptr_size) 77 return; 78 79 arg = get_argument_from_call_expr(call->args, arg_nr); 80 check_size_matches(ptr_size, arg); 81 } 82 83 void check_kmalloc_wrong_size(int id) 84 { 85 my_id = id; 86 87 if (option_project != PROJ_KERNEL) { 88 add_function_assign_hook("malloc", &match_alloc, NULL); 89 add_function_assign_hook("calloc", &match_calloc, INT_PTR(1)); 90 return; 91 } 92 93 add_function_assign_hook("kmalloc", &match_alloc, NULL); 94 add_function_assign_hook("kcalloc", &match_calloc, INT_PTR(1)); 95 } 96