The following issues were found
lib/test_vmalloc.c
1 issues
Line: 318
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct test_kvfree_rcu {
struct rcu_head rcu;
unsigned char array[20];
};
static int
kvfree_rcu_1_arg_vmalloc_test(void)
{
Reported by FlawFinder.
lib/ts_bm.c
1 issues
Line: 162
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
for (i = 0; i < len; i++)
bm->pattern[i] = toupper(((u8 *)pattern)[i]);
else
memcpy(bm->pattern, pattern, len);
compute_prefix_tbl(bm, flags);
return conf;
}
Reported by FlawFinder.
lib/ts_fsm.c
1 issues
Line: 289
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
conf->flags = flags;
fsm = ts_config_priv(conf);
fsm->ntokens = ntokens;
memcpy(fsm->tokens, pattern, len);
for (i = 0; i < fsm->ntokens; i++) {
struct ts_fsm_token *t = &fsm->tokens[i];
t->type = token_map[t->type];
}
Reported by FlawFinder.
lib/ts_kmp.c
1 issues
Line: 113
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
for (i = 0; i < len; i++)
kmp->pattern[i] = toupper(((u8 *)pattern)[i]);
else
memcpy(kmp->pattern, pattern, len);
return conf;
}
static void *kmp_get_pattern(struct ts_config *conf)
Reported by FlawFinder.
include/uapi/linux/hdlc/ioctl.h
1 issues
Line: 74
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
typedef struct {
unsigned int dlci;
char master[IFNAMSIZ]; /* Name of master FRAD device */
}fr_proto_pvc_info; /* for returning PVC information only */
typedef struct {
unsigned int interval;
unsigned int timeout;
Reported by FlawFinder.
lib/ubsan.h
1 issues
Line: 14
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct type_descriptor {
u16 type_kind;
u16 type_info;
char type_name[1];
};
struct source_location {
const char *file_name;
union {
Reported by FlawFinder.
include/uapi/linux/gsmmux.h
1 issues
Line: 33
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned int adaption; /* Adaption to use in network mode */
unsigned short protocol;/* Protocol to use - only ETH_P_IP supported */
unsigned short unused2;
char if_name[IFNAMSIZ]; /* interface name format string */
__u8 unused[28]; /* For future use */
};
#define GSMIOC_ENABLE_NET _IOW('G', 2, struct gsm_netconfig)
#define GSMIOC_DISABLE_NET _IO('G', 3)
Reported by FlawFinder.
net/netfilter/xt_connlimit.c
1 issues
Line: 61
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
for (i = 0; i < ARRAY_SIZE(addr.ip6); ++i)
addr.ip6[i] &= info->mask.ip6[i];
memcpy(key, &addr, sizeof(addr.ip6));
key[4] = zone->id;
} else {
const struct iphdr *iph = ip_hdr(skb);
key[0] = (info->flags & XT_CONNLIMIT_DADDR) ?
iph->daddr : iph->saddr;
Reported by FlawFinder.
include/uapi/linux/genwqe/genwqe_card.h
1 issues
Line: 361
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#define DDCB_FIXUPS 12 /* maximum number of fixups */
struct genwqe_debug_data {
char driver_version[64];
__u64 slu_unitcfg;
__u64 app_unitcfg;
__u8 ddcb_before[DDCB_LENGTH];
__u8 ddcb_prev[DDCB_LENGTH];
Reported by FlawFinder.
lib/xz/xz_dec_stream.c
1 issues
Line: 162
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
size_t copy_size = min_t(size_t,
b->in_size - b->in_pos, s->temp.size - s->temp.pos);
memcpy(s->temp.buf + s->temp.pos, b->in + b->in_pos, copy_size);
b->in_pos += copy_size;
s->temp.pos += copy_size;
if (s->temp.pos == s->temp.size) {
s->temp.pos = 0;
Reported by FlawFinder.