The following issues were found
drivers/isdn/mISDN/clock.c
1 issues
Line: 99
Column: 2
CWE codes:
120
printk(KERN_ERR "%s: No memory for clock entry.\n", __func__);
return NULL;
}
strncpy(iclock->name, name, sizeof(iclock->name) - 1);
iclock->pri = pri;
iclock->priv = priv;
iclock->ctl = ctl;
write_lock_irqsave(&iclock_lock, flags);
list_add_tail(&iclock->list, &iclock_list);
Reported by FlawFinder.
drivers/infiniband/hw/hfi1/trace.c
1 issues
Line: 482
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
u64 desc0, u64 desc1)
{
const char *ret = trace_seq_buffer_ptr(p);
char flags[5] = { 'x', 'x', 'x', 'x', 0 };
flags[0] = (desc1 & SDMA_DESC1_INT_REQ_FLAG) ? 'I' : '-';
flags[1] = (desc1 & SDMA_DESC1_HEAD_TO_HOST_FLAG) ? 'H' : '-';
flags[2] = (desc0 & SDMA_DESC0_FIRST_DESC_FLAG) ? 'F' : '-';
flags[3] = (desc0 & SDMA_DESC0_LAST_DESC_FLAG) ? 'L' : '-';
Reported by FlawFinder.
drivers/infiniband/hw/hfi1/trace_dbg.h
1 issues
Line: 73
Column: 21
CWE codes:
134
Suggestion:
Use a constant for the format specification
__dynamic_array(char, msg, MAX_MSG_LEN)
),
TP_fast_assign(__assign_str(function, function);
WARN_ON_ONCE(vsnprintf
(__get_dynamic_array(msg),
MAX_MSG_LEN, vaf->fmt,
*vaf->va) >=
MAX_MSG_LEN);
),
Reported by FlawFinder.
drivers/gpu/drm/vboxvideo/modesetting.c
1 issues
Line: 123
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return -EIO;
}
memcpy(hints, ((u8 *)p) + sizeof(struct vbva_query_mode_hints), size);
hgsmi_buffer_free(ctx, p);
return 0;
}
Reported by FlawFinder.
drivers/gpu/drm/i915/gt/intel_sseu_debugfs.c
1 issues
Line: 16
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
{
int offset = slice * sseu->ss_stride;
memcpy(&to_mask[offset], &sseu->subslice_mask[offset], sseu->ss_stride);
}
static void cherryview_sseu_device_status(struct intel_gt *gt,
struct sseu_dev_info *sseu)
{
Reported by FlawFinder.
drivers/isdn/mISDN/dsp.h
1 issues
Line: 174
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct list_head list;
struct mISDNchannel ch;
struct mISDNchannel *up;
unsigned char name[64];
int b_active;
struct dsp_echo echo;
int rx_disabled; /* what the user wants */
int rx_is_off; /* what the card is */
int tx_mix;
Reported by FlawFinder.
drivers/gpu/drm/vboxvideo/hgsmi_base.c
1 issues
Line: 154
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
p->width = width;
p->height = height;
if (pixel_len)
memcpy(p->data, pixels, pixel_len);
hgsmi_buffer_submit(ctx, p);
switch (p->result) {
case VINF_SUCCESS:
Reported by FlawFinder.
drivers/gpu/drm/udl/udl_modeset.c
1 issues
Line: 235
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
buf = (char *)urb->transfer_buffer;
memcpy(buf, udl->mode_buf, udl->mode_buf_len);
retval = udl_submit_urb(dev, urb, udl->mode_buf_len);
DRM_DEBUG("write mode info %d\n", udl->mode_buf_len);
return retval;
}
Reported by FlawFinder.
drivers/gpu/drm/udl/udl_drv.h
1 issues
Line: 63
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct urb_list urbs;
char mode_buf[1024];
uint32_t mode_buf_len;
};
#define to_udl(x) container_of(x, struct udl_device, drm)
Reported by FlawFinder.
drivers/infiniband/hw/hfi1/verbs_txreq.c
1 issues
Line: 124
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int verbs_txreq_init(struct hfi1_ibdev *dev)
{
char buf[TXREQ_LEN];
struct hfi1_devdata *dd = dd_from_dev(dev);
snprintf(buf, sizeof(buf), "hfi1_%u_vtxreq_cache", dd->unit);
dev->verbs_txreq_cache = kmem_cache_create(buf,
sizeof(struct verbs_txreq),
Reported by FlawFinder.