The following issues were found
drivers/input/touchscreen/auo-pixcir-ts.c
1 issues
Line: 107
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct i2c_client *client;
struct input_dev *input;
const struct auo_pixcir_ts_platdata *pdata;
char phys[32];
/* special handling for touch_indicate interupt mode */
bool touch_ind_mode;
wait_queue_head_t wait;
Reported by FlawFinder.
drivers/macintosh/macio_asic.c
1 issues
Line: 359
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct macio_dev *in_bay,
struct resource *parent_res)
{
char name[MAX_NODE_NAME_SIZE + 1];
struct macio_dev *dev;
const u32 *reg;
if (np == NULL)
return NULL;
Reported by FlawFinder.
drivers/gpu/drm/msm/disp/dpu1/dpu_io_util.h
1 issues
Line: 23
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct dss_clk {
struct clk *clk; /* clk handle */
char clk_name[32];
enum dss_clk_type type;
unsigned long rate;
unsigned long max_rate;
};
Reported by FlawFinder.
drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.h
1 issues
Line: 145
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
*/
struct dpu_crtc {
struct drm_crtc base;
char name[DPU_CRTC_NAME_SIZE];
struct drm_pending_vblank_event *event;
u32 vsync_count;
struct dpu_hw_stage_cfg stage_cfg;
Reported by FlawFinder.
drivers/input/touchscreen/cyttsp4_spi.c
1 issues
Line: 60
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (op == CY_SPI_WR_OP) {
wr_buf[1] = reg & 0xFF;
if (length > 0)
memcpy(wr_buf + CY_SPI_CMD_BYTES, buf, length);
}
memset(xfer, 0, sizeof(xfer));
spi_message_init(&msg);
Reported by FlawFinder.
drivers/gpu/drm/msm/disp/dpu1/dpu_core_perf.c
1 issues
Line: 462
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
struct dpu_core_perf *perf = file->private_data;
int len;
char buf[128];
len = scnprintf(buf, sizeof(buf),
"mode %d min_mdp_clk %llu min_bus_vote %llu\n",
perf->perf_tune.mode,
perf->perf_tune.min_core_clk,
Reported by FlawFinder.
drivers/input/touchscreen/cyttsp_core.h
1 issues
Line: 103
Column: 8
CWE codes:
120
20
u16 bustype;
int (*write)(struct device *dev, u8 *xfer_buf, u16 addr, u8 length,
const void *values);
int (*read)(struct device *dev, u8 *xfer_buf, u16 addr, u8 length,
void *values);
};
enum cyttsp_state {
CY_IDLE_STATE,
Reported by FlawFinder.
drivers/input/touchscreen/cyttsp_i2c_common.c
1 issues
Line: 73
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
int retval;
xfer_buf[0] = addr_lo;
memcpy(&xfer_buf[1], values, length);
retval = i2c_transfer(client->adapter, msgs, ARRAY_SIZE(msgs));
if (retval < 0)
return retval;
Reported by FlawFinder.
drivers/input/touchscreen/cyttsp_spi.c
1 issues
Line: 60
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
wr_buf[2] = reg; /* reg index */
wr_buf[3] = op; /* r/~w */
if (op == CY_SPI_WR_OP)
memcpy(wr_buf + CY_SPI_CMD_BYTES, buf, length);
memset(xfer, 0, sizeof(xfer));
spi_message_init(&msg);
/*
Reported by FlawFinder.
drivers/gpu/drm/i915/display/intel_dsi_vbt.c
1 issues
Line: 482
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
goto err_alloc;
payload_data[0] = reg_offset;
memcpy(&payload_data[1], (data + 7), payload_size);
msg.addr = slave_addr;
msg.flags = 0;
msg.len = payload_size + 1;
msg.buf = payload_data;
Reported by FlawFinder.