The following issues were found
drivers/ata/pata_buddha.c
1 issues
Line: 82
Column: 12
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/* Transfer trailing byte, if any. */
if (unlikely(buflen & 0x01)) {
unsigned char pad[2] = { };
/* Point buf to the tail of buffer */
buf += buflen - 1;
if (rw == READ) {
Reported by FlawFinder.
drivers/ata/pata_atiixp.c
1 issues
Line: 196
CWE codes:
908
wanted_pio = 0;
else BUG();
if (adev->pio_mode != wanted_pio)
atiixp_set_pio_timing(ap, adev, wanted_pio);
spin_unlock_irqrestore(&atiixp_lock, flags);
}
/**
Reported by Cppcheck.
drivers/ata/pata_amd.c
1 issues
Line: 274
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{ ATA_UDMA2, ATA_UDMA1, ATA_UDMA0, 0,
ATA_UDMA3, ATA_UDMA4, ATA_UDMA5, ATA_UDMA6 };
struct ata_port *ap = dev->link->ap;
char acpi_str[32] = "";
u32 saved_udma, udma;
const struct ata_acpi_gtm *gtm;
unsigned long bios_limit = 0, acpi_limit = 0, limit;
/* find out what BIOS configured */
Reported by FlawFinder.
drivers/ata/pata_ali.c
1 issues
Line: 120
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static unsigned long ali_20_filter(struct ata_device *adev, unsigned long mask)
{
char model_num[ATA_ID_PROD_LEN + 1];
/* No DMA on anything but a disk for now */
if (adev->class != ATA_DEV_ATA)
mask &= ~(ATA_MASK_MWDMA | ATA_MASK_UDMA);
ata_id_c_string(adev->id, model_num, ATA_ID_PROD, sizeof(model_num));
if (strstr(model_num, "WDC"))
Reported by FlawFinder.
drivers/comedi/drivers/tests/ni_routes_test.c
1 issues
Line: 175
CWE codes:
788
{
board.name = pci_fake;
init_private();
private.routing_tables.route_values = &RV[0][0];
private.routing_tables.valid_routes = &DR;
}
/* *** END board data initializers *** */
Reported by Cppcheck.
drivers/comedi/drivers/usbdux.c
1 issues
Line: 302
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
switch (urb->status) {
case 0:
/* copy the result in the transfer buffer */
memcpy(devpriv->in_buf, urb->transfer_buffer, SIZEINBUF);
usbduxsub_ai_handle_urb(dev, s, urb);
break;
case -EILSEQ:
/*
Reported by FlawFinder.
drivers/comedi/drivers/usbduxsigma.c
1 issues
Line: 264
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
switch (urb->status) {
case 0:
/* copy the result in the transfer buffer */
memcpy(devpriv->in_buf, urb->transfer_buffer, SIZEINBUF);
usbduxsigma_ai_handle_urb(dev, s, urb);
break;
case -EILSEQ:
/*
Reported by FlawFinder.
drivers/connector/cn_queue.c
1 issues
Line: 40
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
cbq->pdev = dev;
snprintf(cbq->id.name, sizeof(cbq->id.name), "%s", name);
memcpy(&cbq->id.id, id, sizeof(struct cb_id));
cbq->callback = callback;
return cbq;
}
void cn_queue_release_callback(struct cn_callback_entry *cbq)
Reported by FlawFinder.
drivers/connector/connector.c
1 issues
Line: 108
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
data = nlmsg_data(nlh);
memcpy(data, msg, size);
NETLINK_CB(skb).dst_group = group;
if (group)
return netlink_broadcast(dev->nls, skb, portid, group,
Reported by FlawFinder.
drivers/ata/libata-pmp.c
1 issues
Line: 681
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
goto fail;
}
memcpy(dev->gscr, gscr, sizeof(gscr[0]) * SATA_PMP_GSCR_DWORDS);
rc = sata_pmp_configure(dev, 0);
if (rc)
goto fail;
Reported by FlawFinder.