Line: 212 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              {
	struct adis16400_state *st = file->private_data;
	u16 lot1, lot2, serial_number;
	char buf[16];
	size_t len;
	int ret;

	ret = adis_read_reg_16(&st->adis, ADIS16334_LOT_ID1, &lot1);
	if (ret)

            

Line: 512 Column: 14 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	chained_irq_exit(chip, desc);
}

static const char * const irq_names[MAX_NUM_HOST_IRQS] = {
	"host_intr0", "host_intr1", "host_intr2", "host_intr3",
	"host_intr4", "host_intr5", "host_intr6", "host_intr7",
};

static int pruss_intc_probe(struct platform_device *pdev)

            

Line: 694 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	if (!data)
		return -ENOMEM;

	memcpy(&data->info, &mp2975_info, sizeof(*info));
	info = &data->info;

	/* Identify multiphase configuration for rail 2. */
	ret = mp2975_identify_multiphase_rail2(client);
	if (ret < 0)

            

Line: 256 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              		return ret;

	raw_wm = INV_ICM42600_FIFO_WATERMARK_VAL(wm_size);
	memcpy(st->buffer, &raw_wm, sizeof(raw_wm));
	ret = regmap_bulk_write(st->map, INV_ICM42600_REG_FIFO_WATERMARK,
				st->buffer, sizeof(raw_wm));
	if (ret)
		return ret;


            

Line: 365 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	if (!data)
		return -ENOMEM;

	memcpy(&data->info, &mp2888_info, sizeof(*info));
	info = &data->info;

	/* Identify multiphase configuration. */
	ret = mp2888_identify_multiphase(client, data, info);
	if (ret)

            

Line: 350 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

               * @ext_info: Sensor settings if it is connected to i2c controller
 */
struct st_lsm6dsx_sensor {
	char name[32];
	enum st_lsm6dsx_sensor_id id;
	struct st_lsm6dsx_hw *hw;

	u32 gain;
	u32 odr;

            

Line: 603 Column: 4 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              
		for (i = 0; i < pattern_len;
		     i += ST_LSM6DSX_TAGGED_SAMPLE_SIZE) {
			memcpy(iio_buff, &hw->buff[i + ST_LSM6DSX_TAG_SIZE],
			       ST_LSM6DSX_SAMPLE_SIZE);

			tag = hw->buff[i] >> 3;
			if (tag == ST_LSM6DSX_TS_TAG) {
				/*

            

Line: 257 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              		__entry->cmd_len = cmd_len;
		__entry->workload = workload;
		snprintf(__entry->cmd_name, GVT_CMD_STR_LEN, "%s", cmd_name);
		memcpy(__get_dynamic_array(raw_cmd), cmd_va, cmd_len * sizeof(*cmd_va));
	),


	TP_printk("vgpu%d ring %d: address_type %u, buf_type %u, ip_gma %08x,cmd (name=%s,len=%u,raw cmd=%s), workload=%p\n",
		__entry->vgpu_id,

            

Line: 116 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	struct max20730_debugfs_data *psu = to_psu(idxp, idx);
	const struct pmbus_driver_info *info;
	const struct max20730_data *data;
	char tbuf[DEBUG_FS_DATA_MAX] = { 0 };
	u16 val;

	info = pmbus_get_driver_info(psu->client);
	data = to_max20730_data(info);


            

Line: 87 Column: 37 CWE codes: 126

              		dev_err(&client->dev, "Failed to read PMBUS_MFR_ID\n");
		return ret;
	}
	if (ret != 2 || strncmp(buf, "RI", strlen("RI"))) {
		dev_err(&client->dev, "MFR_ID unrecognised\n");
		return -ENODEV;
	}

	ret = i2c_smbus_read_block_data(client, PMBUS_MFR_MODEL, buf);