The following issues were found
drivers/gpu/drm/amd/display/dc/dcn10/dcn10_hw_sequencer_debug.c
1 issues
Line: 56
Column: 18
CWE codes:
134
Suggestion:
Use a constant for the format specification
va_list args;
va_start(args, fmt);
ret_vsnprintf = vsnprintf(pBuf, bufSize, fmt, args);
va_end(args);
if (ret_vsnprintf > 0) {
if (ret_vsnprintf < bufSize)
Reported by FlawFinder.
drivers/gpu/drm/amd/pm/powerplay/smumgr/tonga_smumgr.c
1 issues
Line: 1844
(uint16_t)(cac_dtp_table->usConfigurableTDP * 256));
PP_ASSERT_WITH_CODE(cac_dtp_table->usTargetOperatingTemp <= 255,
"Target Operating Temp is out of Range !",
);
dpm_table->GpuTjMax = (uint8_t)(cac_dtp_table->usTargetOperatingTemp);
dpm_table->GpuTjHyst = 8;
Reported by Cppcheck.
drivers/bluetooth/hci_h4.c
1 issues
Line: 94
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
BT_DBG("hu %p skb %p", hu, skb);
/* Prepend skb with frame type */
memcpy(skb_push(skb, 1), &hci_skb_pkt_type(skb), 1);
skb_queue_tail(&h4->txq, skb);
return 0;
}
Reported by FlawFinder.
drivers/auxdisplay/hd44780_common.c
1 issues
Line: 302
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
*/
struct hd44780_common *hdc = lcd->drvdata;
unsigned char cgbytes[8];
unsigned char cgaddr;
int cgoffset;
int shift;
char value;
int addr;
Reported by FlawFinder.
drivers/bluetooth/hci_ldisc.c
1 issues
Line: 672
Column: 19
CWE codes:
362
/* Only call open() for the protocol after hdev is fully initialized as
* open() (or a timer/workqueue it starts) may attempt to reference it.
*/
err = hu->proto->open(hu);
if (err) {
hu->hdev = NULL;
hci_free_dev(hdev);
return err;
}
Reported by FlawFinder.
drivers/bluetooth/hci_mrvl.c
1 issues
Line: 130
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
skb = skb_dequeue(&mrvl->rawq);
} else {
/* Prepend skb with frame type */
memcpy(skb_push(skb, 1), &bt_cb(skb)->pkt_type, 1);
}
return skb;
}
Reported by FlawFinder.
drivers/bluetooth/hci_nokia.c
1 issues
Line: 516
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
int err;
/* Prepend skb with frame type */
memcpy(skb_push(skb, 1), &bt_cb(skb)->pkt_type, 1);
/* Packets must be word aligned */
if (skb->len % 2) {
err = skb_pad(skb, 1);
if (err)
Reported by FlawFinder.
drivers/bluetooth/hci_serdev.c
1 issues
Line: 308
Column: 11
CWE codes:
362
if (err)
return err;
err = p->open(hu);
if (err)
goto err_open;
hu->proto = p;
set_bit(HCI_UART_PROTO_READY, &hu->flags);
Reported by FlawFinder.
drivers/bluetooth/hci_uart.h
1 issues
Line: 54
Column: 8
CWE codes:
362
unsigned int manufacturer;
unsigned int init_speed;
unsigned int oper_speed;
int (*open)(struct hci_uart *hu);
int (*close)(struct hci_uart *hu);
int (*flush)(struct hci_uart *hu);
int (*setup)(struct hci_uart *hu);
int (*set_baudrate)(struct hci_uart *hu, unsigned int speed);
int (*recv)(struct hci_uart *hu, const void *data, int len);
Reported by FlawFinder.
drivers/bluetooth/hci_vhci.c
1 issues
Line: 69
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
{
struct vhci_data *data = hci_get_drvdata(hdev);
memcpy(skb_push(skb, 1), &hci_skb_pkt_type(skb), 1);
skb_queue_tail(&data->readq, skb);
wake_up_interruptible(&data->read_wait);
return 0;
}
Reported by FlawFinder.