The following issues were found
drivers/iio/accel/kxcjk-1013.c
1 issues
Line: 1120
Column: 9
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
else
str = kxcjk1013_samp_freq_avail;
return sprintf(buf, "%s\n", str);
}
static IIO_DEVICE_ATTR(in_accel_sampling_frequency_available, S_IRUGO,
kxcjk1013_get_samp_freq_avail, NULL, 0);
Reported by FlawFinder.
drivers/iio/accel/mma8452.c
1 issues
Line: 260
Column: 45
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
return ret;
}
static ssize_t mma8452_show_int_plus_micros(char *buf, const int (*vals)[2],
int n)
{
size_t len = 0;
while (n-- > 0)
Reported by FlawFinder.
drivers/gpu/drm/gma500/oaktrail_lvds_i2c.c
1 issues
Line: 145
Column: 2
CWE codes:
120
chan->drm_dev = dev;
chan->reg = dev_priv->lpc_gpio_base;
strncpy(chan->adapter.name, "gma500 LPC", I2C_NAME_SIZE - 1);
chan->adapter.owner = THIS_MODULE;
chan->adapter.algo_data = &chan->algo;
chan->adapter.dev.parent = dev->dev;
chan->algo.setsda = set_data;
chan->algo.setscl = set_clock;
Reported by FlawFinder.
drivers/hwtracing/coresight/coresight-priv.h
1 issues
Line: 109
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
static inline void coresight_insert_barrier_packet(void *buf)
{
if (buf)
memcpy(buf, coresight_barrier_pkt, CORESIGHT_BARRIER_PKT_SIZE);
}
static inline void CS_LOCK(void __iomem *addr)
{
do {
Reported by FlawFinder.
drivers/mailbox/imx-mailbox.c
1 issues
Line: 52
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct imx_mu_con_priv {
unsigned int idx;
char irq_desc[IMX_MU_CHAN_NAME_SIZE];
enum imx_mu_chan_type type;
struct mbox_chan *chan;
struct tasklet_struct txdb_tasklet;
};
Reported by FlawFinder.
drivers/gpu/drm/i915/intel_memory_region.h
1 issues
Line: 94
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
u16 type;
u16 instance;
enum intel_region_id id;
char name[16];
bool private; /* not for userspace */
struct list_head reserved;
dma_addr_t remap_addr;
Reported by FlawFinder.
drivers/iio/adc/ad7766.c
1 issues
Line: 53
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
* Make the buffer large enough for one 24 bit sample and one 64 bit
* aligned 64 bit timestamp.
*/
unsigned char data[ALIGN(3, sizeof(s64)) + sizeof(s64)]
____cacheline_aligned;
};
/*
* AD7766 and AD7767 variations are interface compatible, the main difference is
Reported by FlawFinder.
drivers/iommu/intel/cap_audit.h
1 issues
Line: 93
Column: 60
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
min_feature; \
} while (0)
#define MINIMAL_FEATURE_HOTPLUG(iommu, cap, feature, MASK, mismatch) \
do { \
if ((intel_iommu_##cap##_sanity & (MASK)) > \
(cap##_##feature((iommu)->cap))) \
mismatch = true; \
else \
Reported by FlawFinder.
drivers/gpu/drm/i915/intel_memory_region.c
1 issues
Line: 177
Column: 2
CWE codes:
134
Suggestion:
Use a constant for the format specification
va_list ap;
va_start(ap, fmt);
vsnprintf(mem->name, sizeof(mem->name), fmt, ap);
va_end(ap);
}
static void __intel_memory_region_destroy(struct kref *kref)
{
Reported by FlawFinder.
drivers/iio/adc/ad799x.c
1 issues
Line: 332
Column: 9
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
if (ret < 0)
return ret;
return sprintf(buf, "%u\n", ad7998_frequencies[ret & AD7998_CYC_MASK]);
}
static ssize_t ad799x_write_frequency(struct device *dev,
struct device_attribute *attr,
const char *buf,
Reported by FlawFinder.