vzalloc

API Overview

vzalloc is an API in Linux kernel. This rule belongs to the api pair type. This rule is generated using APISpecGen.

Rule Description

tip

The resource acquired by vzalloc must be properly released using kfree

info

Tags: api pair
Parameter Index: N/A
CWE Type: CWE-404

Rule Code

    import cpp
import semmle.code.cpp.dataflow.new.DataFlow


DataFlow::Node getSource(FunctionCall fc){
  fc.getTarget().hasName("vzalloc")
  and result.asExpr() = fc
}

DataFlow::Node getSink(FunctionCall fc){
  fc.getTarget().hasName("kfree")
  and result.asExpr() = fc.getArgument(0)
}

FunctionCall freeTarget(FunctionCall malloc){
  DataFlow::localFlow(getSource(malloc), getSink(result))
}

from FunctionCall fc
where fc.getTarget().hasName("vzalloc")
      and not exists(
        FunctionCall free| 
        free = freeTarget(fc)
      )
select fc.getLocation()

    

API Overview​

Rule Description​

Rule Code​

API Overview

Rule Description

Rule Code