Faults in Linux Kernel 3.x: Wrong use of krealloc

As part of my work, I need to annotate the reports generated using Coccinelle scripts as bugs/FPs for recent Linux kernels, recent as in versions > 3.0 up to the current one, 3.18.

As I’m reading the reports (newer ones), today I completed Linux_realloc.new.org.

#bug, #coccinelle, #coccinelle-scripts, #faults, #krealloc, #linux-kernel, #linux-kernels

Faults in Linux Kernel 3.x: Interrupts turned off but not turned on again

As part of my work, I need to annotate the reports generated using Coccinelle scripts as bugs/FPs for recent Linux kernels, recent as in versions > 3.0 up to the current one, 3.18.

As I’m reading the reports (newer ones), today I completed Linux_intr.new.org.

#bugs, #coccinelle, #coccinelle-scripts, #faults, #interrupt, #linux-kernel, #linux-kernels

Faults in Linux 3.x: Using value from get_user without check as array index

As part of my work, I need to annotate the reports generated using Coccinelle scripts as bugs/FPs for recent Linux kernels, recent as in versions > 3.0 up to the current one, 3.18.

As I’m reading the reports (newer ones), today I completed Linux_get.new.org.

#array-indices, #bugs, #coccinelle, #coccinelle-scripts, #faults, #get_user, #linux-kernel, #linux-kernels

Faults in Linux: Using freed memory

As part of my project, while reading the reports, I came to know about bugs that use X after freeing it. There were many in the versions 2.4.x and 2.6.x. I was also required to list FPs (false positives) by Coccinelle. This post will be about what I found for the case of using freed memory.

You can view the complete report as a PDF here and as an HTML file here.

#bugs, #coccinelle, #false-positives, #foss-2, #fossopw

Faults in Linux: Using value taken from user as array bounds without check

As part of my project, while reading the reports, I came to know about bugs of the type where unchecked values obtained from the user level are used as array indices or loop bounds. There were fewer of these in the versions 2.4.x and 2.6.x. I was also required to list FPs (false positives) by Coccinelle. This post is about the mentioned type.

You can view the complete report as a PDF here and as an HTML file here.

#array-bounds, #array-indices, #coccinelle, #false-positives

Faults in Linux: Using incorrect sizeof expressions

As part of my project, while reading the reports, I came to know about bugs where incorrect sizeof expressions are used, typically leading to allocation of data of the wrong size. There were many in the versions 2.4.x and 2.6.x. I was also required to list FPs (false positives) by Coccinelle. This post will be about what I found for the mentioned case.

You can view the complete report as a PDF here and as an HTML file here.

#coccinelle, #faults, #foss-2, #incorrect-usage, #linux-kernel, #opw, #sizeof, #sizeof-expressions

Faults in Linux: Not checking for NULL before dereferencing

As part of my project, while reading the reports, I came to know about bugs of the type that do not check for NULL before dereferencing. There were many in the versions 2.4.x and 2.6.x. I was also required to list FPs (false positives) by Coccinelle. This post will be about what I found for the case of whether NULL return values are tested before being dereferenced.

You can view the complete report as a PDF here and as an HTML file here.

#bugs, #c, #coccinelle, #foss-2, #fossopw, #null-return-values