Line: 747 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	spinlock_t		lock;


	char                    name[4];
	u32                     order;
	u32			xlt;
	u32			access_mode;
	u32			page;


            

Line: 179

              	.revs = { __VA_ARGS__ },				\
}

#define GPU_REV_EXT(name, _rev, _p, _s, stat) \
{\
	.revision = (_rev) << 12 | (_p) << 4 | (_s),		\
	.issues = hw_issues_##name##_r##_rev##p##_p##stat,	\
}
#define GPU_REV(name, r, p) GPU_REV_EXT(name, r, p, 0, )

            

Line: 52 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              
	/* card */
	int			registered;	/* if registered with mISDN */
	char			name[MISDN_MAX_IDLEN];
	int			idx;		/* card index */
	int			pri;		/* 1=pri, 0=bri */
	int			d_idx;		/* current dchannel number */
	int			b_num;		/* number of bchannels */
	u32			id;		/* id of connection */

            

Line: 56 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              					     MLX5_IB_ATTR_PP_OBJ_ALLOC_CTX);
	inlen = uverbs_attr_get_len(attrs,
				    MLX5_IB_ATTR_PP_OBJ_ALLOC_CTX);
	memcpy(rl_raw, in_ctx, inlen);
	err = uverbs_get_flags32(&flags, attrs,
		MLX5_IB_ATTR_PP_OBJ_ALLOC_FLAGS,
		MLX5_IB_UAPI_PP_ALLOC_FLAGS_DEDICATED_INDEX);
	if (err)
		goto err;

            

Line: 57 Column: 23 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	.flags = 0,
};

static const unsigned char gamma_tbl[NUM_GAMMA_STEPS][GAMMA_CMD_CNT] = {
	{	/* Gamma 10 */
		MCS_MTP_SET3,
		0x00, 0x00, 0x00, 0x7f, 0x7f, 0x7f, 0x52, 0x6b, 0x6f, 0x26,
		0x28, 0x2d, 0x28, 0x26, 0x27, 0x33, 0x34, 0x32, 0x36, 0x36,
		0x35, 0x00, 0xab, 0x00, 0xae, 0x00, 0xbf

            

Line: 392 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	do {                                                                   \
		MOD_QP_IN_SET(typ, in, _opcode, _qpn, _uid);                   \
		MLX5_SET(typ##_in, in, opt_param_mask, _opt_p);                \
		memcpy(MLX5_ADDR_OF(typ##_in, in, qpc), _qpc,                  \
		       MLX5_ST_SZ_BYTES(qpc));                                 \
	} while (0)

	switch (opcode) {
	/* 2RST & 2ERR */

            

Line: 48 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              			err = cmd_err;
			goto destroy_cmd;
		}
		memcpy(data + offset, page_address(page), size);
		offset += size;
	} while (cmd_err > 0);
	*data_len = offset;

destroy_cmd:

            

Line: 33 Column: 8 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              #include <video/mipi_display.h>

struct nt36672a_panel_cmd {
	const char data[2];
};

static const char * const nt36672a_regulator_names[] = {
	"vddio",
	"vddpos",

            

Line: 445 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	 * least it won't be corrupting whatever other random page used to
	 * be mapped in, or other undefined behavior.
	 */
	memcpy(pages, &omap_obj->pages[base_pgoff],
			sizeof(struct page *) * slots);
	memset(pages + slots, 0,
			sizeof(struct page *) * (n - slots));

	err = tiler_pin(entry->block, pages, ARRAY_SIZE(pages), 0, true);

            

Line: 730 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              {
	const struct intel_engine_cs *engine =
		container_of(execlists, typeof(*engine), execlists);
	char __maybe_unused p0[40], p1[40];

	if (!ports[0])
		return;

	ENGINE_TRACE(engine, "%s { %s%s }\n", msg,