From 1bf88c69ad09230d19677f64c9cae14063cf237f Mon Sep 17 00:00:00 2001
From: Dan Carpenter
Date: Thu, 18 Apr 2013 14:34:36 +0300
Subject: [PATCH] db: kernel: fake up ->read/write() limits

rw_verify_area() checks that the *off + count parameters of read() and write() can't overflow. What if said here is that both off and count are between 0 and 100000. Which isn't true, but it cuts down on some false positives.

Signed-off-by: Dan Carpenter
---
 smatch_data/db/fixup_kernel.sh | 11 +++++++++++
 1 file changed, 11 insertions(+)
diff --git a/smatch_data/db/fixup_kernel.sh b/smatch_data/db/fixup_kernel.sh
index 4d178096..3a8aaf6b 100755
--- a/smatch_data/db/fixup_kernel.sh
+++ b/smatch_data/db/fixup_kernel.sh
@@ -23,5 +23,16 @@ delete from caller_info where caller = 'hptiop_probe' and type = 3;
 delete from caller_info where function = '(struct timer_list)->function' and parameter = 0;
+delete from return_states where function = 'rw_verify_area';
+insert into return_states values ('faked', 'rw_verify_area', 0, 1, '0-1000000', 0, 0, -1, '', '');
+insert into return_states values ('faked', 'rw_verify_area', 0, 1, '0-1000000', 0, 11, 2, '*\$\$', '0-1000000');
+insert into return_states values ('faked', 'rw_verify_area', 0, 1, '0-1000000', 0, 11, 3, '\$\$', '0-1000000');
+insert into return_states values ('faked', 'rw_verify_area', 0, 2, '(-4095)-(-1)', 0, 0, -1, '', '');
+
 EOF
+call_id=$(echo "select distinct call_id from caller_info where function = '__kernel_write';" | sqlite3 smatch_db.sqlite)
+for id in $call_id ; do
+ echo "insert into caller_info values ('fake', '', '__kernel_write', $id, 0, 1, 3, '*\$\$', '0-1000000');" | sqlite3 smatch_db.sqlite
+done
+
-- 
2.11.4.GIT
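Review bot: The faked bound written into the new `return_states` and `caller_info` rows is `0-1000000`, while the commit message says 100000, and nothing in the script records that the range is a deliberate under-approximation of what `rw_verify_area()` really allows. Because these rows make the checker assume small offsets and counts on the ->read/->write paths, genuine overflow warnings there can be suppressed with no trace of why; a comment above the `delete from return_states` line would make that visible, e.g. `/* faked: not the real limits of rw_verify_area(); trades missed warnings for fewer false positives */` (assuming the heredoc, which starts outside the hunk, is fed to sqlite3). Separately, the `__kernel_write` loop has no matching delete, unlike the `return_states` part, so running the script twice against the same database would presumably leave duplicate rows; removing the earlier faked `__kernel_write` rows first would keep it repeatable. The tag also differs between the two tables (`'faked'` vs `'fake'`), which makes the synthetic rows harder to find or audit with one query.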