The following issues were found
drivers/cpuidle/driver.c
1 issues
Line: 273
Column: 15
CWE codes:
126
ret = __cpuidle_register_driver(drv);
spin_unlock(&cpuidle_driver_lock);
if (!ret && !strlen(param_governor) && drv->governor &&
(cpuidle_get_driver() == drv)) {
mutex_lock(&cpuidle_lock);
gov = cpuidle_find_governor(drv->governor);
if (gov) {
cpuidle_prev_governor = cpuidle_curr_governor;
Reported by FlawFinder.
drivers/cpuidle/governor.c
1 issues
Line: 19
Column: 1
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#include "cpuidle.h"
char param_governor[CPUIDLE_NAME_LEN];
LIST_HEAD(cpuidle_governors);
struct cpuidle_governor *cpuidle_curr_governor;
struct cpuidle_governor *cpuidle_prev_governor;
Reported by FlawFinder.
drivers/ata/ahci_imx.c
1 issues
Line: 430
Column: 9
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
if (err < 0)
return err;
return sprintf(buf, "%u\n", temp);
}
static const struct thermal_zone_of_device_ops fsl_sata_ahci_of_thermal_ops = {
.get_temp = sata_ahci_read_temperature,
};
Reported by FlawFinder.
drivers/ata/acard-ahci.c
1 issues
Line: 231
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
ata_tf_to_fis(&qc->tf, qc->dev->link->pmp, 1, cmd_tbl);
if (is_atapi) {
memset(cmd_tbl + AHCI_CMD_TBL_CDB, 0, 32);
memcpy(cmd_tbl + AHCI_CMD_TBL_CDB, qc->cdb, qc->dev->cdb_len);
}
if (qc->flags & ATA_QCFLAG_DMAMAP)
acard_ahci_fill_sg(qc, cmd_tbl);
Reported by FlawFinder.
drivers/crypto/allwinner/sun4i-ss/sun4i-ss-prng.c
1 issues
Line: 11
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
struct rng_alg *alg = crypto_rng_alg(tfm);
algt = container_of(alg, struct sun4i_ss_alg_template, alg.rng);
memcpy(algt->ss->seed, seed, slen);
return 0;
}
int sun4i_ss_prng_generate(struct crypto_rng *tfm, const u8 *src,
Reported by FlawFinder.
drivers/crypto/allwinner/sun8i-ce/sun8i-ce-hash.c
1 issues
Line: 413
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
dma_unmap_single(ce->dev, addr_res, digestsize, DMA_FROM_DEVICE);
memcpy(areq->result, result, algt->alg.hash.halg.digestsize);
theend:
kfree(buf);
kfree(result);
crypto_finalize_hash_request(engine, breq, err);
return 0;
Reported by FlawFinder.
drivers/crypto/allwinner/sun8i-ce/sun8i-ce-trng.c
1 issues
Line: 95
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
dma_unmap_single(ce->dev, dma_dst, todo, DMA_FROM_DEVICE);
if (!err) {
memcpy(data, d, max);
err = max;
}
memzero_explicit(d, todo);
err_dst:
kfree(d);
Reported by FlawFinder.
drivers/crypto/allwinner/sun8i-ss/sun8i-ss-hash.c
1 issues
Line: 441
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
DMA_TO_DEVICE);
dma_unmap_single(ss->dev, addr_res, digestsize, DMA_FROM_DEVICE);
memcpy(areq->result, result, algt->alg.hash.halg.digestsize);
theend:
kfree(pad);
kfree(result);
crypto_finalize_hash_request(engine, breq, err);
return 0;
Reported by FlawFinder.
drivers/gpu/drm/arm/display/komeda/komeda_pipeline.h
1 issues
Line: 85
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/** @pipeline: the komeda pipeline this component belongs to */
struct komeda_pipeline *pipeline;
/** @name: component name */
char name[32];
/**
* @reg:
* component register base,
* which is initialized by chip and used by chip only
*/
Reported by FlawFinder.
drivers/android/binder_internal.h
1 issues
Line: 137
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int return_error_line;
uint32_t return_error;
uint32_t return_error_param;
char context_name[BINDERFS_MAX_NAME + 1];
};
struct binder_transaction_log {
atomic_t cur;
bool full;
Reported by FlawFinder.