Closed saimukund closed 2 years ago
re 1: you can use embedded regular expressions to match on part of a token text, as in: { . /alloc ^/free }
re 2: the above should get you any level of scope, including function scope, but if you want to limit it, you could attach a constraint, for instance as in: { <1> . /alloc ^/free } @1 (.curly == 1) which restrict the match on the opening curly brace to be at level 1, which is the start of a function body (or, of course, a structure/union etc, to sometimes spoil things a bit)
you can do the whole thing also more precisely with a script - but then it'll probably take a bit to get the hang of writing inline programs etc. it's worth figuring these things out though -- the inline progs are very powerful
Thanks for your quick answer. I will try it out. Is the regular expression case insensitive here? Does it matches both free variants that I mentioned earlier.
the regular expression is case-sensitive, so I guess you can make it something like /[Ff][Rr][Ee][Ee], or do two searches
Hi, First of all, thanks for sharing this wonderful project with the community and also for the continuous improvements and rules library . I am using cobra to find out memory leaks in our product. I was able to catch a few leaks using simple query.
While this works for basic cases where alloc() and free() are in same scope, I have other scenarios for which could you please suggest the pattern/command that would work.
It is possible some functions use either of the free implementations or both. So,
Do you think this pattern is correct without identifier? find . -name ".c" | xargs cobra -pat '{ . cmsMem_alloc ^(cmsMem_free|CMSMEM_FREE_BUF_AND_NULL_PTR)* }'
Can we add ident as well here? Kindly share if this is feasible?