db, extra, user_data: handle: *x = 1; return x;"
author Dan Carpenter <dan.carpenter@oracle.com>
Mon, 16 Sep 2013 10:08:46 +0000 (13:08 +0300)
committer Dan Carpenter <dan.carpenter@oracle.com>
Mon, 16 Sep 2013 10:08:46 +0000 (13:08 +0300)
commit fc63475542736ba7667835dbea3532c0e9ec1567
tree 9a54f676104e66ea7561771ce51419dae5e9c302
parent 0dd8ef4b56e154c6a5591621fd1f2a18f34a8743

Say you have code like:

int *frob(void)
{
	*x = 42;
	return x;
}

It's good to know to record that *x is 42.  But the real reason for this
is because of memdup_user() which does:

void *memdup_user(void *src, size_t size)
{
	...
	copy_from_user(dest, src, size);
	return dest;
}

In the old code, there was no way to record that the data it was returning
was user data.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
check_user_data.c
smatch_db.c
smatch_extra.c
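
Added example, not part of this commit or of Smatch: a caller of memdup_user() that uses a field of the returned buffer as an array index, first unchecked and then bounds-checked, which is the kind of code where knowing "the returned data is user data" matters. The copy_from_user() and memdup_user() bodies are simplified userspace stand-ins, and struct req, table, NR_SLOTS and the set_slot_*() functions are hypothetical names constructed for the illustration.

```c
#include <stdlib.h>
#include <string.h>

/* Userspace stand-ins (assumptions), not the kernel implementations. */
static int copy_from_user(void *dest, const void *src, size_t size)
{
	memcpy(dest, src, size);	/* the real one crosses the user/kernel boundary */
	return 0;
}

static void *memdup_user(const void *src, size_t size)
{
	void *dest = malloc(size);	/* simplified: NULL on failure */

	if (!dest)
		return NULL;
	copy_from_user(dest, src, size);
	return dest;	/* *dest is user data: the fact the commit message wants recorded */
}

/* Hypothetical request layout and table, constructed for this example. */
struct req { unsigned int slot; int value; };
#define NR_SLOTS 8
static int table[NR_SLOTS];

/* Unchecked caller: req->slot is user data and is used as an index as-is. */
int set_slot_unchecked(const void *ubuf)
{
	struct req *req = memdup_user(ubuf, sizeof(*req));

	if (!req)
		return -1;
	table[req->slot] = req->value;	/* no bound on a user-supplied index */
	free(req);
	return 0;
}

/* Hardened caller: the user-supplied index is bounded before use. */
int set_slot_checked(const void *ubuf)
{
	struct req *req = memdup_user(ubuf, sizeof(*req));
	int ret = -1;

	if (!req)
		return -1;
	if (req->slot < NR_SLOTS) {
		table[req->slot] = req->value;
		ret = 0;
	}
	free(req);
	return ret;
}
```

Both callers look identical to an analysis that only tracks direct copy_from_user() destinations; they differ only once the pointer returned by memdup_user() is known to point at user data.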