On Tue, Mar 29, 2016 at 05:44:17PM +0200, Vincent Bernat wrote:
> ❦ 29 mars 2016 17:27 +0200, Willy Tarreau <[email protected]> :
> 
> >> 
> >> @@
> >> type T;
> >> @@
> >> 
> >> - (T\( \|\)*)
> >>   (\(lua_touserdata\|malloc\|calloc\)(...))
> >> 
> >> So, I can rebase the patch as long as it's needed.
> > 
> > Perfect. Then I'll try to flush the large queue ASAP so that we can
> > apply such changes. If you're this fluent with coccinelle, I think we
> > can do a lot of nice cleanups including changing all "!strcmp()" and
> > "!memcmp()" to "*cmp() == 0". I'm also interested in getting rid of
> > returns from many function that are supposed to deal with errors and
> > which allocate stuff somewhere in the middle of the body. We've had
> > several leaks due to this because people don't realise that depending
> > where they place the return we free or don't free. A goto to the end
> > is much safer in this case.
> 
> I am unlikely to be able to do that, but it will be fun to try. ;-)
For the last part it's almost impossible to do automatically (or it is even riskier than current code). However detecting returns in functions containing malloc/calloc/strdup/my_strndup/pool_alloc2 so that we can manually audit them would be a nice start. I'd even limit the analysis to a subset of them: those which contain at least one of the calls above, at least a goto and at least a return. These ones are suspicious and should probably be studied (and/or fixed) first.

Thanks,
Willy
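The audit filter Willy sketches above (functions that call one of the listed allocators, contain at least one goto, and also contain a return) can be expressed as a report-only Coccinelle semantic patch. The script below is an added example for this thread, not something posted by Willy or shipped with HAProxy; it assumes the allocator names exactly as listed in the message (malloc, calloc, strdup, my_strndup, pool_alloc2) and does not modify any code, it only prints the function, the allocation site and the return site so a human can check whether the return path frees what was allocated.

```cocci
// Rule 1: find a function f that calls one of the allocators anywhere
// in its body (the nest <+... ...+> matches the call even as a
// sub-expression, e.g. "p = malloc(n);"). Allocator list taken from the
// e-mail above; extend the regexp if more helpers are in scope.
@alloc@
identifier f;
identifier alloc_fn =~ "^(malloc|calloc|strdup|my_strndup|pool_alloc2)$";
position p;
@@
f(...) {
  <+... alloc_fn@p(...) ...+>
}

// Rule 2: the same function must contain at least one goto, i.e. it
// already has (or tried to have) a centralized cleanup path.
@hasgoto depends on alloc@
identifier alloc.f;
identifier lbl;
@@
f(...) {
  <+... goto lbl; ...+>
}

// Rule 3: the same function also contains a return statement somewhere.
// A function that allocates, has a cleanup label, and still returns
// directly is exactly the pattern that leaks when the return sits after
// the allocation but before the free.
@ret depends on hasgoto@
identifier alloc.f;
expression E;
position p2;
@@
f(...) {
  <+...
(
  return@p2;
|
  return@p2 E;
)
  ...+>
}

// Rule 4: report-only. One line per (allocation, return) pair so the
// reviewer can see which returns sit between the allocation and the
// cleanup label. Nothing is rewritten; this is purely a triage list.
@script:python depends on ret@
f << alloc.f;
p << alloc.p;
p2 << ret.p2;
@@
print("%s:%s: %s() allocates at line %s and returns at line %s (audit)"
      % (p[0].file, p[0].line, f, p[0].line, p2[0].line))
```

Run it over a source tree with `spatch --sp-file audit-returns.cocci --dir src/` (the file name is arbitrary). The output is deliberately noisy: every return in a matching function is listed, including legitimate ones before the first allocation, because deciding whether a given return leaks requires knowing the ownership of the allocated object, which is the manual part of the audit the message describes.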

