Line: 66 Column: 16 CWE codes: 120 20

              	u32 offset;
	u64 ro_mask;
	u32 device;
	gvt_mmio_func read;
	gvt_mmio_func write;
	u32 addr_range;
	struct hlist_node node;
};


            

Line: 118 Column: 45 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	return ret;
}

static ssize_t mag3110_show_int_plus_micros(char *buf,
	const int (*vals)[2], int n)
{
	size_t len = 0;

	while (n-- > 0)

            

Line: 59 Column: 9 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf

              	if (ret < 0)
		return ret;
	/* Keep 12 bits and multiply by the scale of 62.5 millidegrees/bit. */
	return sprintf(buf, "%d\n", (s16)le16_to_cpu(ret) * 125 / 32);
}

static SENSOR_DEVICE_ATTR_RO(temp1_input, max31722_temp, 0);

static struct attribute *max31722_attrs[] = {

            

Line: 54 Column: 14 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              static void update_upstream_irq(struct intel_vgpu *vgpu,
		struct intel_gvt_irq_info *info);

static const char * const irq_name[INTEL_GVT_EVENT_MAX] = {
	[RCS_MI_USER_INTERRUPT] = "Render CS MI USER INTERRUPT",
	[RCS_DEBUG] = "Render EU debug from SVG",
	[RCS_MMIO_SYNC_FLUSH] = "Render MMIO sync flush status",
	[RCS_CMD_STREAMER_ERR] = "Render CS error interrupt",
	[RCS_PIPE_CONTROL] = "Render PIPE CONTROL notify",

            

Line: 966 Column: 9 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf

              {
	struct i2c_client *client = to_i2c_client(dev);

	return sprintf(buf, "%d\n", !!(client->flags & I2C_CLIENT_PEC));
}

static ssize_t pec_store(struct device *dev, struct device_attribute *dummy,
			 const char *buf, size_t count)
{

            

Line: 35 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              #define MCP41010_WIPER_CHANNEL	BIT(0)

struct mcp41010_cfg {
	char name[16];
	int wipers;
	int kohms;
};

enum mcp41010_type {

            

Line: 21 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	struct spi_device *spi = to_spi_device(dev);
	u8 buf[2];

	memcpy(buf, data, 2);
	/*
	 * The SPI register address (= full register address without bit 7) and
	 * the write command (bit7 = RW = '0')
	 */
	buf[0] &= ~0x80;

            

Line: 262 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              
	for_each_set_bit(chn, indio_dev->active_scan_mask,
		indio_dev->masklength) {
		memcpy(tmp_buf + i,
			&st->rx_buf[1] + chn * DLH_NUM_DATA_BYTES,
			DLH_NUM_DATA_BYTES);
		i++;
	}


            

Line: 107 Column: 11 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf

              		break;
	}

	status = sprintf(buf, "%d\n", val); /* millidegrees Celsius */
out:
	mutex_unlock(&p_lm70->lock);
	return status;
}


            

Line: 14 Column: 8 CWE codes: 120 20

              
struct mpl115_ops {
	int (*init)(struct device *);
	int (*read)(struct device *, u8);
	int (*write)(struct device *, u8, u8);
};

int mpl115_probe(struct device *dev, const char *name,
			const struct mpl115_ops *ops);