Line: 124 Column: 4 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              		ret = nvif_object_mthd(&mmu->object, NVIF_MMU_V0_KIND,
				       kind, argc);
		if (ret == 0)
			memcpy(mmu->kind, kind->data, kind->count);
		mmu->kind_inv = kind->kind_inv;
		kfree(kind);
	}

done:

            

Line: 70 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	args->type = type;
	args->page = page;
	args->size = size;
	memcpy(args->data, argv, argc);

	ret = nvif_object_ctor(&mmu->object, name ? name : "nvifMem", 0, oclass,
			       args, sizeof(*args) + argc, &mem->object);
	if (ret == 0) {
		mem->type = mmu->type[type].type;

            

Line: 72 Column: 2 CWE codes: 120

              	} nop = {};
	int ret;

	strncpy(args.name, name, sizeof(args.name));
	ret = nvif_object_ctor(parent != client ? &parent->object : NULL,
			       name ? name : "nvifClient", 0,
			       NVIF_CLASS_CLIENT, &args, sizeof(args),
			       &client->object);
	if (ret)

            

Line: 100 Column: 9 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf

              	struct heartbeat_trig_data *heartbeat_data =
		led_trigger_get_drvdata(dev);

	return sprintf(buf, "%u\n", heartbeat_data->invert);
}

static ssize_t led_invert_store(struct device *dev,
		struct device_attribute *attr, const char *buf, size_t size)
{

            

Line: 48 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              struct qt2160_led {
	struct qt2160_data *qt2160;
	struct led_classdev cdev;
	char name[32];
	int id;
	enum led_brightness brightness;
};
#endif


            

Line: 106 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	void *abi16;
	struct list_head objects;
	struct list_head notifys;
	char name[32];

	struct work_struct work;
	struct list_head worker;
	struct mutex lock;
};

            

Line: 1068 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              {
	struct nouveau_drm *drm = nouveau_drm(dev);
	struct nouveau_cli *cli;
	char name[32], tmpname[TASK_COMM_LEN];
	int ret;

	/* need to bring up power immediately if opening device */
	ret = pm_runtime_get_sync(dev->dev);
	if (ret < 0 && ret != -EACCES) {

            

Line: 145 Column: 11 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              
static void tegra_kbc_report_keys(struct tegra_kbc *kbc)
{
	unsigned char scancodes[KBC_MAX_KPENT];
	unsigned short keycodes[KBC_MAX_KPENT];
	u32 val = 0;
	unsigned int i;
	unsigned int num_down = 0;
	bool fn_keypress = false;

            

Line: 149 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	struct nouveau_debugfs *debugfs = nouveau_debugfs(drm);
	struct nvif_object *ctrl = &debugfs->ctrl;
	struct nvif_control_pstate_user_v0 args = { .pwrsrc = -EINVAL };
	char buf[32] = {}, *tmp, *cur = buf;
	long value, ret;

	if (!debugfs)
		return -ENODEV;


            

Line: 28 Column: 5 CWE codes: 362/367!
Suggestion: Set up the correct permissions (e.g., using setuid()) and try to open the file directly

              	u8  valid;
	u8    gpc;
	u8    hub;
	u8 access;
	u8 client;
	u8 reason;
};

int gp100_fault_new(struct nvkm_device *, enum nvkm_subdev_type, int inst, struct nvkm_fault **);