The following issues were found
drivers/xen/xenfs/xenstored.c
1 issues
Line: 16
Column: 54
CWE codes:
126
size_t size, loff_t *off)
{
const char *str = (const char *)file->private_data;
return simple_read_from_buffer(buf, size, off, str, strlen(str));
}
static int xsd_release(struct inode *inode, struct file *file)
{
kfree(file->private_data);
Reported by FlawFinder.
include/linux/hiddev.h
1 issues
Line: 26
Column: 6
CWE codes:
362
struct hiddev {
int minor;
int exist;
int open;
struct mutex existancelock;
wait_queue_head_t wait;
struct hid_device *hid;
struct list_head list;
spinlock_t list_lock;
Reported by FlawFinder.
include/linux/hidraw.h
1 issues
Line: 14
Column: 6
CWE codes:
362
struct hidraw {
unsigned int minor;
int exist;
int open;
wait_queue_head_t wait;
struct hid_device *hid;
struct device *dev;
spinlock_t list_lock;
struct list_head list;
Reported by FlawFinder.
drivers/xen/xenfs/super.c
1 issues
Line: 39
Column: 54
CWE codes:
126
if (xen_initial_domain())
tmp = "control_d\n";
return simple_read_from_buffer(buf, size, off, tmp, strlen(tmp));
}
static const struct file_operations capabilities_file_ops = {
.read = capabilities_read,
.llseek = default_llseek,
Reported by FlawFinder.
include/linux/hugetlb.h
1 issues
Line: 619
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct cftype cgroup_files_dfl[7];
struct cftype cgroup_files_legacy[9];
#endif
char name[HSTATE_NAME_LEN];
};
struct huge_bootmem_page {
struct list_head list;
struct hstate *hstate;
Reported by FlawFinder.
include/linux/hw_random.h
1 issues
Line: 45
Column: 8
CWE codes:
120
20
void (*cleanup)(struct hwrng *rng);
int (*data_present)(struct hwrng *rng, int wait);
int (*data_read)(struct hwrng *rng, u32 *data);
int (*read)(struct hwrng *rng, void *data, size_t max, bool wait);
unsigned long priv;
unsigned short quality;
/* internal. */
struct list_head list;
Reported by FlawFinder.
include/linux/hwmon.h
1 issues
Line: 397
Column: 8
CWE codes:
120
20
struct hwmon_ops {
umode_t (*is_visible)(const void *drvdata, enum hwmon_sensor_types type,
u32 attr, int channel);
int (*read)(struct device *dev, enum hwmon_sensor_types type,
u32 attr, int channel, long *val);
int (*read_string)(struct device *dev, enum hwmon_sensor_types type,
u32 attr, int channel, const char **str);
int (*write)(struct device *dev, enum hwmon_sensor_types type,
u32 attr, int channel, long val);
Reported by FlawFinder.
drivers/xen/xenbus/xenbus.h
1 issues
Line: 44
Column: 20
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct xen_bus_type {
char *root;
unsigned int levels;
int (*get_bus_id)(char bus_id[XEN_BUS_ID_SIZE], const char *nodename);
int (*probe)(struct xen_bus_type *bus, const char *type,
const char *dir);
bool (*otherend_will_handle)(struct xenbus_watch *watch,
const char *path, const char *token);
void (*otherend_changed)(struct xenbus_watch *watch, const char *path,
Reported by FlawFinder.
drivers/xen/xen-front-pgdir-shbuf.c
1 issues
Line: 393
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
to_copy = XEN_NUM_GREFS_PER_PAGE;
page_dir->gref_dir_next_page = buf->grefs[i + 1];
}
memcpy(&page_dir->gref, &buf->grefs[cur_gref],
to_copy * sizeof(grant_ref_t));
ptr += PAGE_SIZE;
grefs_left -= to_copy;
cur_gref += to_copy;
}
Reported by FlawFinder.
include/linux/if_bridge.h
1 issues
Line: 28
Column: 12
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#if IS_ENABLED(CONFIG_IPV6)
struct in6_addr ip6;
#endif
unsigned char mac_addr[ETH_ALEN];
} dst;
__be16 proto;
__u16 vid;
};
Reported by FlawFinder.