The following issues were found

drivers/virtio/virtio_balloon.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 501 Column: 8 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              {
	struct virtqueue *vqs[VIRTIO_BALLOON_VQ_MAX];
	vq_callback_t *callbacks[VIRTIO_BALLOON_VQ_MAX];
	const char *names[VIRTIO_BALLOON_VQ_MAX];
	int err;

	/*
	 * Inflateq and deflateq are used unconditionally. The names[]
	 * will be NULL if the related feature is not enabled, which will

Reported by FlawFinder.

include/linux/string_helpers.h
1 issues
strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 75 Column: 32 CWE codes: 126 

              static inline int string_escape_str(const char *src, char *dst, size_t sz,
		unsigned int flags, const char *only)
{
	return string_escape_mem(src, strlen(src), dst, sz, flags, only);
}

static inline int string_escape_str_any_np(const char *src, char *dst,
		size_t sz, const char *only)
{

Reported by FlawFinder.

drivers/video/fbdev/s3c2410fb.c
1 issues
strcpy - Does not check for buffer overflows when copying to destination [MS-banned]
Security

Line: 894 Column: 2 CWE codes: 120
Suggestion: Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused) 

              
	dprintk("devinit\n");

	strcpy(fbinfo->fix.id, driver_name);

	/* Stop the video */
	lcdcon1 = readl(info->io + S3C2410_LCDCON1);
	writel(lcdcon1 & ~S3C2410_LCDCON1_ENVID, info->io + S3C2410_LCDCON1);

Reported by FlawFinder.

drivers/virt/vboxguest/vmmdev.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 280 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	 * chop it off before usage. There is, because of the Main code's blind
	 * trust in the field's content, no way back.
	 */
	char name[128];
};
VMMDEV_ASSERT_SIZE(vmmdev_guest_info2, 24 + 144);

enum vmmdev_guest_facility_type {
	VBOXGUEST_FACILITY_TYPE_UNKNOWN          = 0,

Reported by FlawFinder.

drivers/virt/vboxguest/vboxguest_core.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 74 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	/** Pointer to the mapping of the VMMDev adapter memory. */
	struct vmmdev_memory *mmio;
	/** Host version */
	char host_version[64];
	/** Host features */
	unsigned int host_features;
	/**
	 * Dummy page and vmap address for reserved kernel virtual-address
	 * space for the guest mappings, only used on hosts lacking vtx.

Reported by FlawFinder.

fs/ocfs2/dlm/dlmapi.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 98 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	enum dlm_status status;
	u32 flags;
	struct dlm_lock *lockid;
	char lvb[DLM_LVB_LEN];
};

/* Valid lock modes. */
#define LKM_IVMODE      (-1)            /* invalid mode */
#define LKM_NLMODE      0               /* null lock */

Reported by FlawFinder.

fs/ocfs2/cluster/tcp.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 1081 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              
	vec[0].iov_len = sizeof(struct o2net_msg);
	vec[0].iov_base = msg;
	memcpy(&vec[1], caller_vec, caller_veclen * sizeof(struct kvec));

	ret = o2net_prep_nsw(nn, &nsw);
	if (ret)
		goto out;

Reported by FlawFinder.

include/linux/mroute_base.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 148 Column: 13 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              			unsigned long pkt;
			unsigned long wrong_if;
			unsigned long lastuse;
			unsigned char ttls[MAXVIFS];
			refcount_t refcount;
		} res;
	} mfc_un;
	struct list_head list;
	struct rcu_head	rcu;

Reported by FlawFinder.

fs/ocfs2/cluster/nodemanager.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 28 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              struct o2nm_node {
	spinlock_t		nd_lock;
	struct config_item	nd_item;
	char			nd_name[O2NM_MAX_NAME_LEN+1]; /* replace? */
	__u8			nd_num;
	/* only one address per node, as attributes, for now. */
	__be32			nd_ipv4_address;
	__be16			nd_ipv4_port;
	struct rb_node		nd_ip_node;

Reported by FlawFinder.

include/linux/skmsg.h
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 198 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              
static inline void sk_msg_xfer_full(struct sk_msg *dst, struct sk_msg *src)
{
	memcpy(dst, src, sizeof(*src));
	sk_msg_init(src);
}

static inline bool sk_msg_full(const struct sk_msg *msg)
{

Reported by FlawFinder.