The following issues were found
net/bluetooth/mgmt_util.c
1 issues
Line: 161
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
ev->status = status;
if (rp)
memcpy(ev->data, rp, rp_len);
mskb = create_monitor_ctrl_event(hdr->index, hci_sock_get_cookie(sk),
MGMT_EV_CMD_COMPLETE,
sizeof(*ev) + rp_len, ev);
if (mskb)
Reported by FlawFinder.
net/bluetooth/msft.c
1 issues
Line: 521
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
pattern->length = entry->length + 2;
pattern->data_type = entry->ad_type;
pattern->start_byte = entry->offset;
memcpy(pattern->pattern, entry->value, entry->length);
offset += sizeof(*pattern) + entry->length;
}
hci_req_init(&req, hdev);
hci_req_add(&req, hdev->msft_opcode, total_size, cp);
Reported by FlawFinder.
include/trace/events/signal.h
1 issues
Line: 70
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
TP_fast_assign(
__entry->sig = sig;
TP_STORE_SIGINFO(__entry, info);
memcpy(__entry->comm, task->comm, TASK_COMM_LEN);
__entry->pid = task->pid;
__entry->group = group;
__entry->result = result;
),
Reported by FlawFinder.
net/bluetooth/sco.c
1 issues
Line: 926
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
memset(&cinfo, 0, sizeof(cinfo));
cinfo.hci_handle = sco_pi(sk)->conn->hcon->handle;
memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon->dev_class, 3);
len = min_t(unsigned int, len, sizeof(cinfo));
if (copy_to_user(optval, (char *)&cinfo, len))
err = -EFAULT;
Reported by FlawFinder.
include/trace/events/sctp.h
1 issues
Line: 33
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
TP_fast_assign(
__entry->asoc = (unsigned long)asoc;
__entry->primary = (sp == asoc->peer.primary_path);
memcpy(__entry->ipaddr, &sp->ipaddr, sizeof(union sctp_addr));
__entry->state = sp->state;
__entry->cwnd = sp->cwnd;
__entry->ssthresh = sp->ssthresh;
__entry->flight_size = sp->flight_size;
__entry->partial_bytes_acked = sp->partial_bytes_acked;
Reported by FlawFinder.
include/linux/tracepoint.h
1 issues
Line: 29
Column: 15
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
struct notifier_block;
struct trace_eval_map {
const char *system;
const char *eval_string;
unsigned long eval_value;
};
#define TRACEPOINT_DEFAULT_PRIO 10
Reported by FlawFinder.
net/bpfilter/bpfilter_kern.c
1 issues
Line: 106
CWE codes:
570
err = umd_load_blob(&bpfilter_ops.info,
&bpfilter_umh_start,
&bpfilter_umh_end - &bpfilter_umh_start);
if (err)
return err;
mutex_lock(&bpfilter_ops.lock);
err = start_umh();
Reported by Cppcheck.
net/bridge/br_forward.c
1 issues
Line: 262
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
if (!is_broadcast_ether_addr(addr))
memcpy(eth_hdr(skb)->h_dest, addr, ETH_ALEN);
__br_forward(p, skb, local_orig);
}
/* called with rcu_read_lock */
Reported by FlawFinder.
include/trace/events/rpcgss.h
1 issues
Line: 593
Column: 3
CWE codes:
120
__entry->timeout = timeout;
__entry->window_size = window_size;
__entry->len = len;
strncpy(__get_str(acceptor), data, len);
),
TP_printk("win_size=%u expiry=%lu now=%lu timeout=%u acceptor=%.*s",
__entry->window_size, __entry->expiry, __entry->now,
__entry->timeout, __entry->len, __get_str(acceptor))
Reported by FlawFinder.
include/trace/events/random.h
1 issues
Line: 3
Column: 22
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
/* SPDX-License-Identifier: GPL-2.0 */
#undef TRACE_SYSTEM
#define TRACE_SYSTEM random
#if !defined(_TRACE_RANDOM_H) || defined(TRACE_HEADER_MULTI_READ)
#define _TRACE_RANDOM_H
#include <linux/writeback.h>
#include <linux/tracepoint.h>
Reported by FlawFinder.