The following issues were found

drivers/gpu/drm/i915/display/intel_hdcp.c
1 issues
Expression 'read_ret=shim->read_ksv_ready(dig_port,&ksv_ready),read_ret||ksv_ready' depends on order of evaluation of side effects
Error

Line: 222 CWE codes: 768 

              
	/* Poll for ksv list ready (spec says max time allowed is 5s) */
	ret = __wait_for(read_ret = shim->read_ksv_ready(dig_port,
							 &ksv_ready),
			 read_ret || ksv_ready, 5 * 1000 * 1000, 1000,
			 100 * 1000);
	if (ret)
		return ret;
	if (read_ret)

Reported by Cppcheck.

drivers/macintosh/ams/ams-input.c
1 issues
sprintf - Does not check for buffer overflows
Security

Line: 108 Column: 9 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf 

              static ssize_t ams_input_show_joystick(struct device *dev,
	struct device_attribute *attr, char *buf)
{
	return sprintf(buf, "%d\n", joystick);
}

static ssize_t ams_input_store_joystick(struct device *dev,
	struct device_attribute *attr, const char *buf, size_t count)
{

Reported by FlawFinder.

drivers/input/tablet/kbtab.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 28 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	struct input_dev *dev;
	struct usb_interface *intf;
	struct urb *irq;
	char phys[32];
};

static void kbtab_irq(struct urb *urb)
{
	struct kbtab *kbtab = urb->context;

Reported by FlawFinder.

drivers/gpu/drm/msm/disp/msm_disp_snapshot.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 66 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

               * @base_addr: starting address of this hardware block's register space
 */
struct msm_disp_state_block {
	char name[SZ_128];
	struct list_head node;
	unsigned int size;
	u32 *state;
	void __iomem *base_addr;
};

Reported by FlawFinder.

drivers/input/tablet/wacom_serial4.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 176 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	unsigned int tool;
	unsigned int idx;
	u8 data[DATA_SIZE];
	char phys[32];
};

enum {
	MODEL_CINTIQ		= 0x504C, /* PL */
	MODEL_CINTIQ2		= 0x4454, /* DT */

Reported by FlawFinder.

drivers/input/touchscreen/88pm860x-ts.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 52 Column: 11 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              {
	struct pm860x_touch *touch = data;
	struct pm860x_chip *chip = touch->chip;
	unsigned char buf[MEAS_LEN];
	int x, y, pen_down;
	int z1, z2, rt = 0;
	int ret;

	ret = pm860x_bulk_read(touch->i2c, MEAS_TSIX_1, MEAS_LEN, buf);

Reported by FlawFinder.

drivers/gpu/drm/msm/disp/mdp5/mdp5_cfg.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 1235 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              	cfg_handler->config.hw = mdp5_cfg;

	pconfig = mdp5_get_config(pdev);
	memcpy(&cfg_handler->config.platform, pconfig, sizeof(*pconfig));

	DBG("MDP5: %s hw config selected", mdp5_cfg->name);

	return cfg_handler;

Reported by FlawFinder.

drivers/gpu/drm/exynos/exynos_drm_scaler.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 33 Column: 8 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              #define SCALER_RESET_WAIT_RETRIES	100

struct scaler_data {
	const char	*clk_name[SCALER_MAX_CLK];
	unsigned int	num_clk;
	const struct exynos_drm_ipp_formats *formats;
	unsigned int	num_formats;
};

Reported by FlawFinder.

drivers/gpu/drm/msm/disp/mdp4/mdp4_crtc.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 18 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              
struct mdp4_crtc {
	struct drm_crtc base;
	char name[8];
	int id;
	int ovlp;
	enum mdp4_dma dma;
	bool enabled;

Reported by FlawFinder.

drivers/gpu/drm/msm/disp/dpu1/dpu_vbif.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 295 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              
void dpu_debugfs_vbif_init(struct dpu_kms *dpu_kms, struct dentry *debugfs_root)
{
	char vbif_name[32];
	struct dentry *entry, *debugfs_vbif;
	int i, j;

	entry = debugfs_create_dir("vbif", debugfs_root);

Reported by FlawFinder.