The following issues were found

drivers/gpu/drm/exynos/exynos_drm_vidi.c
1 issues
sprintf - Does not check for buffer overflows
Security

Line: 176 Column: 7 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf 

              
	mutex_lock(&ctx->lock);

	rc = sprintf(buf, "%d\n", ctx->connected);

	mutex_unlock(&ctx->lock);

	return rc;
}

Reported by FlawFinder.

drivers/input/rmi4/rmi_f30.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 137 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              				 "F30 interrupted, but data is missing\n");
			return IRQ_HANDLED;
		}
		memcpy(f30->data_regs, drvdata->attn_data.data,
			f30->register_count);
		drvdata->attn_data.data += f30->register_count;
		drvdata->attn_data.size -= f30->register_count;
	} else {
		error = rmi_read_block(fn->rmi_dev, fn->fd.data_base_addr,

Reported by FlawFinder.

drivers/gpu/drm/msm/dsi/phy/dsi_phy_28nm.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 522 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              
static int pll_28nm_register(struct dsi_pll_28nm *pll_28nm, struct clk_hw **provided_clocks)
{
	char clk_name[32], parent1[32], parent2[32], vco_name[32];
	struct clk_init_data vco_init = {
		.parent_names = (const char *[]){ "xo" },
		.num_parents = 1,
		.name = vco_name,
		.flags = CLK_IGNORE_UNUSED,

Reported by FlawFinder.

drivers/gpu/drm/msm/dsi/phy/dsi_phy_14nm.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 805 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              
static int pll_14nm_register(struct dsi_pll_14nm *pll_14nm, struct clk_hw **provided_clocks)
{
	char clk_name[32], parent[32], vco_name[32];
	struct clk_init_data vco_init = {
		.parent_names = (const char *[]){ "xo" },
		.num_parents = 1,
		.name = vco_name,
		.flags = CLK_IGNORE_UNUSED,

Reported by FlawFinder.

drivers/input/rmi4/rmi_f3a.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 70 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              				 "F3A interrupted, but data is missing\n");
			return IRQ_HANDLED;
		}
		memcpy(f3a->data_regs, drvdata->attn_data.data,
			f3a->register_count);
		drvdata->attn_data.data += f3a->register_count;
		drvdata->attn_data.size -= f3a->register_count;
	} else {
		error = rmi_read_block(fn->rmi_dev, fn->fd.data_base_addr,

Reported by FlawFinder.

drivers/input/rmi4/rmi_f54.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 349 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              		goto data_done;
	}

	memcpy(ptr, f54->report_data, f54->report_size);
	vb2_set_plane_payload(vb, 0, rmi_f54_get_report_size(f54));
	state = VB2_BUF_STATE_DONE;

data_done:
	mutex_unlock(&f54->data_mutex);

Reported by FlawFinder.

drivers/input/rmi4/rmi_i2c.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 105 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              	}

	rmi_i2c->tx_buf[0] = addr & 0xff;
	memcpy(rmi_i2c->tx_buf + 1, buf, len);

	if (RMI_I2C_PAGE(addr) != rmi_i2c->page) {
		retval = rmi_set_page(rmi_i2c, RMI_I2C_PAGE(addr));
		if (retval)
			goto exit;

Reported by FlawFinder.

drivers/md/dm-cache-policy.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 159 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	 * Policy writers should fill in these fields.  The name field is
	 * what gets passed on the target line to select your policy.
	 */
	char name[CACHE_POLICY_NAME_SIZE];
	unsigned version[CACHE_POLICY_VERSION_SIZE];

	/*
	 * For use by an alias dm_cache_policy_type to point to the
	 * real dm_cache_policy_type.

Reported by FlawFinder.

drivers/input/serio/ambakmi.c
1 issues
open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 32 Column: 16 CWE codes: 362 

              	void __iomem		*base;
	unsigned int		irq;
	unsigned int		divisor;
	unsigned int		open;
};

static irqreturn_t amba_kmi_int(int irq, void *dev_id)
{
	struct amba_kmi_port *kmi = dev_id;

Reported by FlawFinder.

drivers/input/serio/hil_mlc.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 102 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              
static void hil_mlc_copy_di_scratch(hil_mlc *mlc, int idx)
{
	memcpy(&mlc->di[idx], &mlc->di_scratch, sizeof(mlc->di_scratch));
}

static int hil_mlc_match_di_scratch(hil_mlc *mlc)
{
	int idx;

Reported by FlawFinder.