The following issues were found
net/netfilter/xt_conntrack.c
1 issue
Line: 28
Column: 45
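CWE codes:
732 (Incorrect Permission Assignment for Critical Resource). In the excerpt below, `umask` is only the name of a pointer parameter holding an address mask, and no permission-setting call is visible, so this looks like a name-based match; triage it as a likely false positive.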
static bool
conntrack_addrcmp(const union nf_inet_addr *kaddr,
const union nf_inet_addr *uaddr,
const union nf_inet_addr *umask, unsigned int l3proto)
{
if (l3proto == NFPROTO_IPV4)
return ((kaddr->ip ^ uaddr->ip) & umask->ip) == 0;
else if (l3proto == NFPROTO_IPV6)
return ipv6_masked_addr_cmp(&kaddr->in6, &umask->in6,
Reported by FlawFinder.
lib/zlib_deflate/deftree.c
1 issue
Line: 1056
Column: 5
CWE codes:
120
Suggestion:
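Make sure the destination can always hold the source data. Here that means s->pending + len must not exceed the size of s->pending_buf; the excerpt shows no such check, so confirm that the surrounding function or its callers guarantee it.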
s->bits_sent += (ulg)len<<3;
#endif
/* bundle up the put_byte(s, *buf++) calls */
memcpy(&s->pending_buf[s->pending], buf, len);
s->pending += len;
}
Reported by FlawFinder.
lib/zlib_deflate/defutil.h
1 issue
Line: 430
Column: 2
CWE codes:
120
Suggestion:
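Make sure the destination can always hold the source data. Here len bytes are written to strm->next_out and then subtracted from strm->avail_out, so len must already be limited to strm->avail_out; that limit is not visible in the excerpt and should be confirmed in the lines above it.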
if (len == 0) return;
if (strm->next_out != NULL) {
memcpy(strm->next_out, s->pending_out, len);
strm->next_out += len;
}
s->pending_out += len;
strm->total_out += len;
strm->avail_out -= len;
Reported by FlawFinder.
lib/zlib_dfltcc/dfltcc.c
1 issue
Line: 20
Column: 9
CWE codes:
120
Suggestion:
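Use sprintf_s, snprintf, or vsnprintf, passing the size of buf. sprintf_s belongs to the optional C11 Annex K and may not be available in this code base, so snprintf is the portable choice. The size of buf is not visible in the excerpt; confirm it covers the fixed text plus the widest value oesc can print (%.2X sets a minimum of two hex digits, not a maximum).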
#ifdef STATIC
return NULL; /* Ignore for pre-boot decompressor */
#else
sprintf(buf, "Operation-Ending-Supplemental Code is 0x%.2X", oesc);
return buf;
#endif
}
}
Reported by FlawFinder.
include/uapi/linux/fsverity.h
1 issue
Line: 80
Column: 2
CWE codes:
119
120
Suggestion:
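Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. The flagged declaration appears to be the 8-byte magic field; a declaration alone is not an overflow, so the check belongs in the code that writes or compares the field. "FSVerity" is exactly 8 characters, which leaves no room for a terminating NUL.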
* userspace could instead use a string like "sha256:$digest_as_hex_string".
*/
/*
 * Header laid out as a fixed 8-byte magic, two little-endian 16-bit fields
 * and a trailing variable-length digest.
 */
struct fsverity_formatted_digest {
/*
 * Exactly 8 bytes, and "FSVerity" is 8 characters, so there is no room for a
 * terminating NUL: treat this as a byte array (fixed-length copy/compare),
 * never as a C string.
 */
char magic[8]; /* must be "FSVerity" */
__le16 digest_algorithm;
/*
 * NOTE(review): presumably the number of bytes in digest[] - confirm. Any
 * consumer has to bound-check it against the buffer actually supplied.
 */
__le16 digest_size;
__u8 digest[]; /* flexible array member: sizeof() of the struct excludes it */
};
Reported by FlawFinder.
lib/zlib_inflate/inffast.c
1 issue
Line: 15
Column: 11
CWE codes:
119
120
Suggestion:
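Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. The flagged declaration appears to be the two-element array b in union uu; it is only a declaration, so the check is that every access uses index 0 or 1.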
/*
 * Overlays an unsigned short with a two-byte array so the value can be
 * accessed byte by byte.
 */
union uu {
unsigned short us;
/*
 * Fixed two-element array: the only valid indices are 0 and 1.
 * NOTE(review): assumes unsigned short is two bytes wide - confirm.
 */
unsigned char b[2];
};
/* Endian independent version */
static inline unsigned short
get_unaligned16(const unsigned short *p)
Reported by FlawFinder.
include/uapi/linux/fs.h
1 issue
Line: 121
Column: 11
CWE codes:
119
120
Suggestion:
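Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. The flagged declaration appears to be the 8-byte padding field fsx_pad; a declaration alone is not an overflow, so review the code that fills or copies this structure rather than the header itself.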
__u32 fsx_nextents; /* nextents field value (get) */
__u32 fsx_projid; /* project identifier (get/set) */
__u32 fsx_cowextsize; /* CoW extsize field value (get/set)*/
unsigned char fsx_pad[8];
};
/*
* Flags for the fsx_xflags field
*/
Reported by FlawFinder.
include/uapi/linux/fb.h
1 issue
Line: 158
Column: 2
CWE codes:
119
120
Suggestion:
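Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. The flagged declaration appears to be the 16-byte id field: writers must limit what they store to 16 bytes including any terminator, and readers should not assume the field is NUL-terminated unless the writer guarantees it.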
#define FB_CAP_FOURCC 1 /* Device supports FOURCC-based formats */
struct fb_fix_screeninfo {
char id[16]; /* identification string eg "TT Builtin" */
unsigned long smem_start; /* Start of frame buffer mem */
/* (physical address) */
__u32 smem_len; /* Length of frame buffer mem */
__u32 type; /* see FB_TYPE_* */
__u32 type_aux; /* Interleave for interleaved Planes */
Reported by FlawFinder.
include/uapi/linux/fanotify.h
1 issue
Line: 148
Column: 11
CWE codes:
119
120
Suggestion:
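Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. The flagged declaration appears to be handle[0], a zero-length array used as a trailing variable-length member, so its declared size says nothing about how many bytes follow; the length must come from elsewhere in the record (not shown in the excerpt) and be validated before the handle is read.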
* Following is an opaque struct file_handle that can be passed as
* an argument to open_by_handle_at(2).
*/
unsigned char handle[0];
};
struct fanotify_response {
__s32 fd;
__u32 response;
Reported by FlawFinder.
lib/zstd/fse_decompress.c
1 issue
Line: 125
Column: 3
CWE codes:
120
Suggestion:
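Make sure the destination can always hold the source data. The copy length is sizeof(DTableH), the size of the source object, so the check is that dt points to at least that many bytes; the excerpt does not show where dt is allocated.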
}
}
}
memcpy(dt, &DTableH, sizeof(DTableH));
}
/* Spread symbols */
{
U32 const tableMask = tableSize - 1;
Reported by FlawFinder.