From: Kees Cook <keescook@chromium.org>
To: Mansour Moufid <mansourmoufid@gmail.com>
Cc: cocci@inria.fr
Subject: Re: matching an arbitrary struct or union (but not scalars)
Date: Sat, 18 Sep 2021 08:40:19 -0700
Message-ID: <202109180813.D8EC1ECE07@keescook>
In-Reply-To: <CALogXGUA2-ztW4eDLQ9RNCda8=8k8cSS_A230vMMAG0zCMeEfA@mail.gmail.com>

On Fri, Sep 17, 2021 at 03:16:21PM -0400, Mansour Moufid wrote:
> This:
>
> @@
> type t;
> identifier x;
> @@
> * t x[...][...];
>
> will match two or more dimensional arrays, like x[1][2] and x[][2] as
> well as x[1][2][3] and so on.
>
> So altogether a script could look like this:
>
> @a@
> identifier s, u;
> type t1 = {struct s, union u};
> type t2 = {struct s, union u};
> identifier x;
> @@
> t1 {
> ...
> t2 x;
> ...
> }
>
> @@
> typedef uuid_t;
> type t = {a.t1, uuid_t};
> identifier x;
> @@
> t x[...] = {
> - 0
> };
>
> @@
> type t;
> identifier x;
> @@
> t x[...][...] = {
> - 0
> };
>
> I assume this is for the Linux kernel? It looks like there are plenty
> of variables of those types but none initialized to {0}. (Although the
> script is not done running through the entire kernel, that takes
> forever.)

Yeah, this is for the kernel. Thanks for helping with this! I was able
to continue the construction and get it working. :)

Here's a test case:

#include <stdio.h>
#include <uuid/uuid.h>

/* Ignore 0-init (no internal compound type) */
struct only_scalars_struct {
	int a;
	short b;
	unsigned long c;
	void *ptr;
};

/* has internal struct */
struct has_struct {
	int a;
	struct only_scalars_struct inner;
	void *ptr;
};

/* has internal array */
struct has_array {
	int a;
	char buf[8];
	void *ptr;
};

/* has internal compound type (uuid_t) */
struct has_uuid {
	int a;
	uuid_t id;
	void *ptr;
};

/* has internal array of struct */
struct has_struct_array {
	int a;
	struct only_scalars_struct many[4];
	void *ptr;
};

/* internally defined struct */
struct has_internal_struct_def {
	int a;
	struct foo {
		int b;
		int c;
	} inside;
	void *ptr;
};

/* Ignore 0-init: no internal compound types */
union only_scalars_union {
	int a;
	short b;
	void *ptr;
};

/* has internal union */
struct has_union {
	union only_scalars_union z;
	void *ptr;
};

/* internally defined union */
union has_internal_union_def {
	union {
		int a;
		long b;
	} z;
	void *ptr;
};

/* has internal compound types */
union of_many {
	struct only_scalars_struct inside;
	struct has_union stuffed;
	union only_scalars_union scalars;
};

/* has internal array */
union of_array {
	char buf[4];
	void *ptr;
};

/* has internal compound type */
union of_uuid {
	void *ptr;
	uuid_t id;
};

int main(void)
{
	struct only_scalars_struct a = { 0 }; // should be ignored
	struct has_struct b = { 0 };
	struct has_union c = { 0 };
	struct has_uuid d = { 0 };
	struct has_array e = { 0 };
	struct has_struct_array f = { 0 };
	struct has_internal_struct_def g = { 0 };
	union only_scalars_union h = { 0 }; // should be ignored
	union of_many i = { 0 };
	union of_array j = { 0 };
	union of_uuid k = { 0 };
	union has_internal_union_def l = { 0 };
	char one[16] = { 0 }; // should be ignored
	char two[16][5] = { 0 };
	uuid_t uuid = { 0 };
	struct only_scalars_struct structs[4] = { 0 };
	union only_scalars_union unions[4] = { 0 };

	puts("hello");

	return 0;
}

And here's the cocci:

@compound@
typedef uuid_t;
identifier os, is, ou, iu;
type outer = {struct os, union ou};
type inner = {struct is, union iu, uuid_t};
type t;
identifier x;
@@

outer {
	...
(
	inner x;
|
	inner x[...];
|
	t x[...];
|
	inner {
		...
	} x;
|
	inner {
		...
	} x[...];
)
	...
};

@single@
typedef uuid_t;
type t = {compound.outer, uuid_t};
identifier x;
@@

t x = {
- 0
};

@array_of_compound_type@
typedef uuid_t;
identifier s, u;
type t = {struct s, union u, uuid_t};
identifier x;
@@

t x[...] = {
- 0
};

@multi_dimensional_array_of_anything@
type t;
identifier x;
@@

t x[...][...] = {
- 0
};

But it emits a bunch of warnings:

warning: compound: metavariable os not used in the - or context code
warning: compound: metavariable is not used in the - or context code
warning: compound: metavariable iu not used in the - or context code
warning: compound: metavariable ou not used in the - or context code
warning: array_of_compound_type: metavariable u not used in the - or context code
warning: array_of_compound_type: metavariable s not used in the - or context code

Can these be silenced in some sane way?

Thanks!

-Kees

--
Kees Cook