The following issues were found
fs/jfs/jfs_metapage.c
1 issues
Line: 731
CWE codes:
476
void release_metapage(struct metapage * mp)
{
struct page *page = mp->page;
jfs_info("release_metapage: mp = 0x%p, flag = 0x%lx", mp, mp->flag);
BUG_ON(!page);
lock_page(page);
Reported by Cppcheck.
fs/jfs/jfs_logmgr.h
1 issues
Line: 66
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
__le32 end; /* 4: addr of last log record set by logredo */
uuid_t uuid; /* 16: 128-bit journal uuid */
char label[16]; /* 16: journal label */
struct {
uuid_t uuid;
} active[MAX_ACTIVE]; /* 2048: active file systems list */
};
Reported by FlawFinder.
fs/pstore/inode.c
1 issues
Line: 350
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct dentry *dentry;
struct inode *inode;
int rc = 0;
char name[PSTORE_NAMELEN];
struct pstore_private *private, *pos;
size_t size = record->size + record->ecc_notice_size;
if (WARN_ON(!inode_is_locked(d_inode(root))))
return -EINVAL;
Reported by FlawFinder.
fs/jfs/jfs_incore.h
1 issues
Line: 198
Column: 8
CWE codes:
732
uint p_state; /* state prior to going no integrity */
kuid_t uid; /* uid to override on-disk uid */
kgid_t gid; /* gid to override on-disk gid */
uint umask; /* umask to override on-disk umask */
uint minblks_trim; /* minimum blocks, for online trim */
};
/* jfs_sb_info commit_state */
#define IN_LAZYCOMMIT 1
Reported by FlawFinder.
fs/jfs/jfs_extent.c
1 issues
Line: 634
CWE codes:
758
}
i = 63 - i;
k = (u64) 1 << i;
k = ((k - 1) & nb) ? k : k >> 1;
return (k);
}
Reported by Cppcheck.
fs/jffs2/write.c
1 issues
Line: 250
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
fd->ino = je32_to_cpu(rd->ino);
fd->nhash = full_name_hash(NULL, name, namelen);
fd->type = rd->type;
memcpy(fd->name, name, namelen);
fd->name[namelen]=0;
retry:
flash_ofs = write_ofs(c);
Reported by FlawFinder.
fs/qnx4/inode.c
1 issues
Line: 311
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
inode->i_ctime.tv_nsec = 0;
inode->i_blocks = le32_to_cpu(raw_inode->di_first_xtnt.xtnt_size);
memcpy(qnx4_inode, raw_inode, QNX4_DIR_ENTRY_SIZE);
if (S_ISREG(inode->i_mode)) {
inode->i_fop = &generic_ro_fops;
inode->i_mapping->a_ops = &qnx4_aops;
qnx4_i(inode)->mmu_private = inode->i_size;
} else if (S_ISDIR(inode->i_mode)) {
Reported by FlawFinder.
fs/qnx4/namei.c
1 issues
Line: 43
Column: 12
CWE codes:
126
} else {
namelen = QNX4_SHORT_NAME_MAX;
}
thislen = strlen( de->di_fname );
if ( thislen > namelen )
thislen = namelen;
if (len != thislen) {
return 0;
}
Reported by FlawFinder.
fs/jffs2/read.c
1 issues
Line: 143
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
if (len < je32_to_cpu(ri->dsize)) {
memcpy(buf, decomprbuf+ofs, len);
}
out_decomprbuf:
if(decomprbuf != buf && decomprbuf != readbuf)
kfree(decomprbuf);
out_readbuf:
Reported by FlawFinder.
fs/jffs2/compr_rubin.c
1 issues
Line: 309
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
uint32_t *sourcelen, uint32_t *dstlen)
{
int bits[8];
unsigned char histo[256];
int i;
int ret;
uint32_t mysrclen, mydstlen;
mysrclen = *sourcelen;
Reported by FlawFinder.