The following issues were found

include/linux/libata.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 754 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              
	unsigned int		probe_mask;

	char			desc[ATA_EH_DESC_LEN];
	int			desc_len;
};

struct ata_eh_context {
	struct ata_eh_info	i;

Reported by FlawFinder.

include/linux/lightnvm.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 424 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              
	/* Backend device */
	struct request_queue *q;
	char name[DISK_NAME_LEN];
	void *private_data;

	struct kref ref;
	void *rmap;

Reported by FlawFinder.

include/linux/lockd/bind.h
1 issues
fopen - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 28 Column: 13 CWE codes: 362 

               * This is the set of functions for lockd->nfsd communication
 */
struct nlmsvc_binding {
	__be32			(*fopen)(struct svc_rqst *,
						struct nfs_fh *,
						struct file **);
	void			(*fclose)(struct file *);
};

Reported by FlawFinder.

include/linux/serdev.h
1 issues
open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 86 Column: 8 CWE codes: 362 

              	int (*write_buf)(struct serdev_controller *, const unsigned char *, size_t);
	void (*write_flush)(struct serdev_controller *);
	int (*write_room)(struct serdev_controller *);
	int (*open)(struct serdev_controller *);
	void (*close)(struct serdev_controller *);
	void (*set_flow_control)(struct serdev_controller *, bool);
	int (*set_parity)(struct serdev_controller *, enum serdev_parity);
	unsigned int (*set_baudrate)(struct serdev_controller *, unsigned int);
	void (*wait_until_sent)(struct serdev_controller *, long);

Reported by FlawFinder.

drivers/video/fbdev/savage/savagefb-i2c.c
1 issues
strcpy - Does not check for buffer overflows when copying to destination [MS-banned]
Security

Line: 139 Column: 3 CWE codes: 120
Suggestion: Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused) 

              	int rc = 0;

	if (chan->par) {
		strcpy(chan->adapter.name, name);
		chan->adapter.owner		= THIS_MODULE;
		chan->adapter.algo_data		= &chan->algo;
		chan->adapter.dev.parent	= &chan->par->pcidev->dev;
		chan->algo.udelay		= 10;
		chan->algo.timeout		= 20;

Reported by FlawFinder.

drivers/w1/slaves/w1_ds2405.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 186 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              		u8 cmd[9];

		cmd[0] = W1_MATCH_ROM;
		memcpy(&cmd[1], &dev_addr, sizeof(dev_addr));

		w1_write_block(dev, cmd, sizeof(cmd));
	} while (0);

out_unlock:

Reported by FlawFinder.

include/linux/logic_iomem.h
1 issues
read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 25 Column: 18 CWE codes: 120 20 

               * @unmap: optional, this region is getting unmapped
 */
struct logic_iomem_ops {
	unsigned long (*read)(void *priv, unsigned int offset, int size);
	void (*write)(void *priv, unsigned int offset, int size,
		      unsigned long val);

	void (*set)(void *priv, unsigned int offset, u8 value, int size);
	void (*copy_from)(void *priv, void *buffer, unsigned int offset,

Reported by FlawFinder.

include/linux/lsm_hook_defs.h
1 issues
syslog - If syslog's format strings can be influenced by an attacker, they can be exploited
Security

Line: 48 Column: 18 CWE codes: 134
Suggestion: Use a constant format string for syslog 

              	 int cap, unsigned int opts)
LSM_HOOK(int, 0, quotactl, int cmds, int type, int id, struct super_block *sb)
LSM_HOOK(int, 0, quota_on, struct dentry *dentry)
LSM_HOOK(int, 0, syslog, int type)
LSM_HOOK(int, 0, settime, const struct timespec64 *ts,
	 const struct timezone *tz)
LSM_HOOK(int, 0, vm_enough_memory, struct mm_struct *mm, long pages)
LSM_HOOK(int, 0, bprm_creds_for_exec, struct linux_binprm *bprm)
LSM_HOOK(int, 0, bprm_creds_from_file, struct linux_binprm *bprm, struct file *file)

Reported by FlawFinder.

drivers/w1/masters/sgi_w1.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 25 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              struct sgi_w1_device {
	u32 __iomem *mcr;
	struct w1_bus_master bus_master;
	char dev_id[64];
};

static u8 sgi_w1_wait(u32 __iomem *mcr)
{
	u32 mcr_val;

Reported by FlawFinder.

drivers/vme/vme_bridge.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 108 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

               * of the structure should be present for each VME chip present in the system.
 */
struct vme_bridge {
	char name[VMENAMSIZ];
	int num;
	struct list_head master_resources;
	struct list_head slave_resources;
	struct list_head dma_resources;
	struct list_head lm_resources;

Reported by FlawFinder.