Project

General

Profile

Actions
Copy link

Bug #8641

open
DB DB

malloc-error-check.cocci: broken regex alternation makes script a no-op

Bug #8641: malloc-error-check.cocci: broken regex alternation makes script a no-op

Added by Denis Balashov 4 days ago. Updated 4 days ago.

Status:
New
Priority:
Normal
Assignee:
Denis Balashov
Target version:
TBD
Affected Versions:
Effort:
Difficulty:
Label:

Description

The identifier regex in qa/coccinelle/malloc-error-check.cocci uses
PCRE-style '(A|B)' syntax in all five identifier =~ patterns. However,
Coccinelle uses OCaml Str as its regex engine, where '|' and '()' are
literal characters, not alternation operators.

As a result, the @malloced rule never matched any SC*alloc function call,
making the entire script silently produce no output — all unchecked
allocations in the codebase went unreported.

Fix: replace '(SCMalloc|SCStrdup|...)' with 'SCMalloc\|SCStrdup\|...'
(OCaml Str alternation syntax) in all five patterns.

This bug was present from the beginning — it is not related to a
Coccinelle version update.

PR
https://github.com/OISF/suricata/pull/15584

Actions
Copy link

Also available in: PDF Atom