From df9b259d80156a8b403c83e0995147587c2f922c Mon Sep 17 00:00:00 2001 From: Dan Carpenter Date: Thu, 21 Mar 2013 08:06:49 +0300 Subject: [PATCH] db: manually delete some USER_DATA markers from the database My systems is set up slightly different from the published version of Smatch because I don't mind false positives. This probably doesn't affect anyone except me. There are a couple places which get flagged as user data which cause too many false positives even for me and this manually clears them out. Some of the issues here are maybe that the data comes from the hardware and it's trusted but Smatch thinks it comes from the user and is untrusted. Sometimes there is an opaque parameter which can rarely be user data but mostly is not and you can only tell if you have extensive knowledge about the other parameters. oz_process_ep0_urb() was getting information from the hardware and using it to call dev_hard_start_xmit(). The latter calls a popular function pointer which flagged everything as user data. I've blocked this in two places. According to Smatch packet_rcv_fanout() calls itself recursively (via a function pointer). It must have got flagged as taking USER_DATA. Although it doesn't take USER_DATA any more, because it passes USER_DATA to itself then I needed to manually break the cycle. Signed-off-by: Dan Carpenter --- smatch_data/db/fixup_kernel.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/smatch_data/db/fixup_kernel.sh b/smatch_data/db/fixup_kernel.sh index d640fac7..f3fcfe3a 100755 --- a/smatch_data/db/fixup_kernel.sh +++ b/smatch_data/db/fixup_kernel.sh @@ -10,6 +10,11 @@ delete from caller_info where function = '(struct file_operations)->read' and fi delete from caller_info where function = '(struct file_operations)->write' and file != 'fs/read_write.c'; delete from caller_info where function = '(struct notifier_block)->notifier_call'; +delete from caller_info where caller = 'hid_input_report' and type = 3; +delete from caller_info where caller = 'nes_process_iwarp_aeqe' and type = 3; +delete from caller_info where caller = 'oz_process_ep0_urb' and type = 3; +delete from caller_info where function = 'dev_hard_start_xmit' and key = '\$\$' and type = 3; +delete from caller_info where caller = 'packet_rcv_fanout' and function = '(struct packet_type)->func' and parameter = 1 and type = 3; EOF -- 2.11.4.GIT