The following issues were found
drivers/gpu/drm/i915/gvt/edid.h
1 issues
Line: 55
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct intel_vgpu_edid_data {
bool data_valid;
unsigned char edid_block[EDID_SIZE];
};
enum gmbus_cycle_type {
GMBUS_NOCYCLE = 0x0,
NIDX_NS_W = 0x1,
Reported by FlawFinder.
drivers/iio/proximity/isl29501.c
1 issues
Line: 295
Column: 9
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
return -EINVAL;
}
return sprintf(buf, "%u\n", value);
}
static int isl29501_set_shadow_coeff(struct isl29501_private *isl29501,
enum isl29501_register_name reg,
unsigned int val)
Reported by FlawFinder.
drivers/hwmon/lineage-pem.c
1 issues
Line: 143
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
result = -EIO;
goto abort;
}
memcpy(data, block_buffer, data_len);
result = 0;
abort:
return result;
}
Reported by FlawFinder.
drivers/iio/proximity/sx9310.c
1 issues
Line: 1234
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
int ret, i, count;
const char *res;
memcpy(reg_def, &sx9310_default_regs[idx], sizeof(*reg_def));
if (!np)
return reg_def;
switch (reg_def->reg) {
case SX9310_REG_PROX_CTRL2:
Reported by FlawFinder.
drivers/mcb/mcb-internal.h
1 issues
Line: 46
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
u16 magic;
u16 reserved;
/* This one has no '\0' at the end!!! */
char filename[CHAMELEON_FILENAME_LEN];
} __packed;
#define HEADER_MAGIC_OFFSET 0x4
/**
* struct chameleon_gdd - Chameleon General Device Descriptor
Reported by FlawFinder.
drivers/hwmon/iio_hwmon.c
1 issues
Line: 61
Column: 9
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
if (type == IIO_POWER)
result *= 1000; /* mili-Watts to micro-Watts conversion */
return sprintf(buf, "%d\n", result);
}
static int iio_hwmon_probe(struct platform_device *pdev)
{
struct device *dev = &pdev->dev;
Reported by FlawFinder.
drivers/gpu/drm/i915/gvt/dmabuf.c
1 issues
Line: 479
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
ret = -ENOMEM;
goto out_free_dmabuf;
}
memcpy(dmabuf_obj->info, &fb_info, sizeof(struct intel_vgpu_fb_info));
((struct intel_vgpu_fb_info *)dmabuf_obj->info)->obj = dmabuf_obj;
dmabuf_obj->vgpu = vgpu;
Reported by FlawFinder.
drivers/iio/test/iio-test-format.c
1 issues
Line: 11
Column: 26
CWE codes:
126
#include <linux/iio/iio.h>
#define IIO_TEST_FORMAT_EXPECT_EQ(_test, _buf, _ret, _val) do { \
KUNIT_EXPECT_EQ(_test, strlen(_buf), _ret); \
KUNIT_EXPECT_STREQ(_test, (_buf), (_val)); \
} while (0)
static void iio_test_iio_format_value_integer(struct kunit *test)
{
Reported by FlawFinder.
drivers/hwmon/hwmon-vid.c
1 issues
Line: 237
Column: 15
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static u8 get_via_model_d_vrm(void)
{
unsigned int vid, brand, __maybe_unused dummy;
static const char *brands[4] = {
"C7-M", "C7", "Eden", "C7-D"
};
rdmsr(0x198, dummy, vid);
vid &= 0xff;
Reported by FlawFinder.
drivers/hwmon/drivetemp.c
1 issues
Line: 318
Column: 9
CWE codes:
126
*/
for (ctr = 0; ctr < ARRAY_SIZE(sct_avoid_models); ctr++)
if (!strncmp(sdev->model, sct_avoid_models[ctr],
strlen(sct_avoid_models[ctr])))
return true;
return false;
}
Reported by FlawFinder.