The following issues were found
kernel/trace/trace_seq.c
1 issues
Line: 207
Column: 21
CWE codes:
126
*/
void trace_seq_puts(struct trace_seq *s, const char *str)
{
unsigned int len = strlen(str);
if (s->full)
return;
__trace_seq_init(s);
Reported by FlawFinder.
include/uapi/linux/netfilter/xt_bpf.h
1 issues
Line: 35
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
__s32 fd;
union {
struct sock_filter bpf_program[XT_BPF_MAX_NUM_INSTR];
char path[XT_BPF_PATH_MAX];
};
/* only used in the kernel */
struct bpf_prog *filter __attribute__((aligned(8)));
};
Reported by FlawFinder.
kernel/trace/tracing_map.c
1 issues
Line: 573
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
break;
}
memcpy(elt->key, key, map->key_size);
entry->val = elt;
atomic64_inc(&map->hits);
return entry->val;
} else {
Reported by FlawFinder.
kernel/tsacct.c
1 issues
Line: 74
Column: 2
CWE codes:
120
stats->ac_minflt = tsk->min_flt;
stats->ac_majflt = tsk->maj_flt;
strncpy(stats->ac_comm, tsk->comm, sizeof(stats->ac_comm));
}
#ifdef CONFIG_TASK_XACCT
Reported by FlawFinder.
kernel/umh.c
1 issues
Line: 424
Column: 6
CWE codes:
126
* here. This allows us to set STATIC_USERMODEHELPER_PATH to "" and
* disable all call_usermodehelper() calls.
*/
if (strlen(sub_info->path) == 0)
goto out;
/*
* Set the completion pointer only if there is a waiter.
* This makes it possible to use umh_complete to free
Reported by FlawFinder.
kernel/user.c
1 issues
Line: 31
.uid_map = {
.nr_extents = 1,
{
.extent[0] = {
.first = 0,
.lower_first = 0,
.count = 4294967295U,
},
},
Reported by Cppcheck.
include/linux/uio_driver.h
1 issues
Line: 109
Column: 8
CWE codes:
362
void *priv;
irqreturn_t (*handler)(int irq, struct uio_info *dev_info);
int (*mmap)(struct uio_info *info, struct vm_area_struct *vma);
int (*open)(struct uio_info *info, struct inode *inode);
int (*release)(struct uio_info *info, struct inode *inode);
int (*irqcontrol)(struct uio_info *info, s32 irq_on);
};
extern int __must_check
Reported by FlawFinder.
kernel/watch_queue.c
1 issues
Line: 105
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
get_page(page);
len = n->info & WATCH_INFO_LENGTH;
p = kmap_atomic(page);
memcpy(p + offset, n, len);
kunmap_atomic(p);
buf = &pipe->bufs[head & mask];
buf->page = page;
buf->private = (unsigned long)wqueue;
Reported by FlawFinder.
include/uapi/linux/netfilter/xt_TEE.h
1 issues
Line: 9
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct xt_tee_tginfo {
union nf_inet_addr gw;
char oif[16];
/* used internally by the kernel */
struct xt_tee_priv *priv __attribute__((aligned(8)));
};
Reported by FlawFinder.
kernel/workqueue_internal.h
1 issues
Line: 53
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
* Opaque string set with work_set_desc(). Printed out with task
* dump for debugging - WARN, BUG, panic or sysrq.
*/
char desc[WORKER_DESC_LEN];
/* used only by rescuers to point to the target workqueue */
struct workqueue_struct *rescue_wq; /* I: the workqueue to rescue */
/* used by the scheduler to determine a worker's last known identity */
Reported by FlawFinder.