On Tue, 27 Nov 2018 07:16:44 -0600 Eric Blake <ebl...@redhat.com> wrote:
> On 11/27/18 7:04 AM, Greg Kurz wrote: > > As explained in HACKING, the g_malloc(sizeof(T) * n) construct is unsafe > > because it can't detect multiplication overflowing size_t and doesn't > > allow type checking. > > > > It appears to be used in a bunch of places though: > > > > $ git grep -E 'malloc.*sizeof' | grep ' \* ' | wc -l > > 101 > > > > This series fixes the ppc target and ppc machine code. The changes are > > mostly trivial. Only the mac99 and e500 machines required some more work > > that should be reviewed carefully, as it was only compile-tested. > > Did you do this all manually, or did you try to use Coccinelle? Hmm - > we have a Coccinelle script for this mentioned in commit b45c03f (most > recently reused in bdd81add) - but it is not yet in scripts/coccinelle/. > Maybe that would be worth doing now. > I did that manually because I didn't know about Markus's Coccinelle script... Also, I've only fixed the case involving a multiplication, since HACKING says "g_malloc(sizeof(*v)) are acceptable". I'll have a look at adding the script in scripts/coccinelle/. Cheers, -- Greg
