The following issues were found
sound/pci/ice1712/wtm.c
1 issues
Line: 389
Column: 15
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static int stac9460_mic_sw_info(struct snd_kcontrol *kcontrol,
struct snd_ctl_elem_info *uinfo)
{
static const char * const texts[2] = { "Line In", "Mic" };
return snd_ctl_enum_info(uinfo, 1, 2, texts);
}
Reported by FlawFinder.
net/sunrpc/xprtrdma/svc_rdma_rw.c
1 issues
Line: 781
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
head->rc_page_count++;
dst = page_address(rqstp->rq_pages[info->ri_pageno]);
memcpy(dst + info->ri_pageno, src + offset, page_len);
info->ri_totalbytes += page_len;
info->ri_pageoff += page_len;
if (info->ri_pageoff == PAGE_SIZE) {
info->ri_pageno++;
Reported by FlawFinder.
sound/firewire/tascam/tascam-hwdep.c
1 issues
Line: 268
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
if (err < 0)
return err;
strcpy(hwdep->name, "Tascam");
hwdep->iface = SNDRV_HWDEP_IFACE_FW_TASCAM;
hwdep->ops = ops;
hwdep->private_data = tscm;
hwdep->exclusive = true;
Reported by FlawFinder.
samples/bpf/tcp_clamp_kern.c
1 issues
Line: 25
#define DEBUG 1
SEC("sockops")
int bpf_clamp(struct bpf_sock_ops *skops)
{
int bufsize = 150000;
int to_init = 10;
int clamp = 100;
Reported by Cppcheck.
sound/firewire/oxfw/oxfw-pcm.c
1 issues
Line: 443
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
return err;
pcm->private_data = oxfw;
strcpy(pcm->name, oxfw->card->shortname);
snd_pcm_set_ops(pcm, SNDRV_PCM_STREAM_PLAYBACK, &playback_ops);
if (cap > 0)
snd_pcm_set_ops(pcm, SNDRV_PCM_STREAM_CAPTURE, &capture_ops);
snd_pcm_set_managed_buffer_all(pcm, SNDRV_DMA_TYPE_VMALLOC, NULL, 0, 0);
Reported by FlawFinder.
sound/pci/lola/lola_proc.c
1 issues
Line: 138
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct snd_info_buffer *buffer)
{
struct lola *chip = entry->private_data;
char line[64];
unsigned int id, verb, data, extdata;
while (!snd_info_get_line(buffer, line, sizeof(line))) {
if (sscanf(line, "%u %u %u %u", &id, &verb, &data, &extdata) != 4)
continue;
lola_codec_read(chip, id, verb, data, extdata,
Reported by FlawFinder.
net/sched/ematch.c
1 issues
Line: 329
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
goto errout;
tree_hdr = nla_data(rt_hdr);
memcpy(&tree->hdr, tree_hdr, sizeof(*tree_hdr));
rt_match = nla_data(rt_list);
list_len = nla_len(rt_list);
matches_len = tree_hdr->nmatches * sizeof(*em);
Reported by FlawFinder.
sound/pci/lx6464es/lx_core.c
1 issues
Line: 408
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
ret = lx_message_send_atomic(chip, &chip->rmh);
if (!ret)
memcpy(data, chip->rmh.stat, chip->rmh.stat_len * sizeof(u32));
mutex_unlock(&chip->msg_lock);
return ret;
}
Reported by FlawFinder.
net/sunrpc/xprt.c
1 issues
Line: 2037
Column: 6
CWE codes:
126
else
timer_setup(&xprt->timer, NULL, 0);
if (strlen(args->servername) > RPC_MAXNETNAMELEN) {
xprt_destroy(xprt);
return ERR_PTR(-EINVAL);
}
xprt->servername = kstrdup(args->servername, GFP_KERNEL);
if (xprt->servername == NULL) {
Reported by FlawFinder.
sound/firewire/oxfw/oxfw-hwdep.c
1 issues
Line: 180
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
err = snd_hwdep_new(oxfw->card, oxfw->card->driver, 0, &hwdep);
if (err < 0)
goto end;
strcpy(hwdep->name, oxfw->card->driver);
hwdep->iface = SNDRV_HWDEP_IFACE_FW_OXFW;
hwdep->ops = hwdep_ops;
hwdep->private_data = oxfw;
hwdep->exclusive = true;
end:
Reported by FlawFinder.