Re: [Cocci] Coccinelle rule for CVE-2019-18683

From: Markus Elfring
Date: Thu Apr 09 2020 - 04:41:28 EST

Next message: Zhiqiang Liu: "Re: [PATCH] signal: check sig before setting info in kill_pid_usb_asyncio"
Previous message: Jani Nikula: "Re: [RFC 0/6] Regressions for "imply" behavior change"
Next in thread: Alexander Popov: "Re: [Cocci] Coccinelle rule for CVE-2019-18683"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Do you have any idea how to improve it?

I see further software development possibilities of varying relevance
also for this script of the semantic patch language.

* The SmPL variables âlock_pâ, âunlock_pâ and âstop_pâ could be declared
in a more succinct way just by listing them in the same statement.

* The source code search pattern can be too generic.
How do you think about to consider additional constraints
for safer data control flow analysis?

* Other operation modes might become helpful.

Regards,
Markus

Next message: Zhiqiang Liu: "Re: [PATCH] signal: check sig before setting info in kill_pid_usb_asyncio"
Previous message: Jani Nikula: "Re: [RFC 0/6] Regressions for "imply" behavior change"
Next in thread: Alexander Popov: "Re: [Cocci] Coccinelle rule for CVE-2019-18683"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]