The following issues were found
drivers/acpi/acpica/evgpeinit.c
1 issues
Line: 303
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
acpi_status status;
u32 gpe_number;
u8 temp_gpe_number;
char name[ACPI_NAMESEG_SIZE + 1];
u8 type;
ACPI_FUNCTION_TRACE(ev_match_gpe_method);
/* Check if requested owner_id matches this owner_id */
Reported by FlawFinder.
drivers/firmware/efi/libstub/arm64-stub.c
1 issues
Line: 167
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
*image_addr = *reserve_addr;
memcpy((void *)*image_addr, _text, kernel_size);
return EFI_SUCCESS;
}
Reported by FlawFinder.
drivers/gpu/drm/drm_bufs.c
1 issues
Line: 976
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
atomic_dec(&dev->buf_alloc);
return -ENOMEM;
}
memcpy(temp_pagelist,
dma->pagelist, dma->page_count * sizeof(*dma->pagelist));
DRM_DEBUG("pagelist: %d entries\n",
dma->page_count + (count << page_order));
entry->buf_size = size;
Reported by FlawFinder.
drivers/firmware/efi/libstub/efi-stub.c
1 issues
Line: 375
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
efi_virt_base += size;
}
memcpy(out, in, desc_size);
out = (void *)out + desc_size;
++*count;
}
}
Reported by FlawFinder.
drivers/acpi/acpica/dswload.c
1 issues
Line: 22
#endif
#define _COMPONENT ACPI_DISPATCHER
ACPI_MODULE_NAME("dswload")
/*******************************************************************************
*
* FUNCTION: acpi_ds_init_callbacks
*
Reported by Cppcheck.
drivers/acpi/acpica/dswexec.c
1 issues
Line: 564
op->common.
node->object,
NULL);
if ACPI_FAILURE
(status) {
ACPI_EXCEPTION((AE_INFO, status,
"While writing to buffer field"));
}
}
Reported by Cppcheck.
drivers/firmware/efi/libstub/relocate.c
1 issues
Line: 168
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
* We know source/dest won't overlap since both memory ranges
* have been allocated by UEFI, so we can safely use memcpy.
*/
memcpy((void *)new_addr, (void *)cur_image_addr, image_size);
/* Return the new address of the relocated image. */
*image_addr = new_addr;
return status;
Reported by FlawFinder.
drivers/firmware/efi/libstub/tpm.c
1 issues
Line: 157
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
log_tbl->size = log_size;
log_tbl->final_events_preboot_size = final_events_size;
log_tbl->version = version;
memcpy(log_tbl->log, (void *) first_entry_addr, log_size);
status = efi_bs_call(install_configuration_table,
&linux_eventlog_guid, log_tbl);
if (status != EFI_SUCCESS)
goto err_free;
Reported by FlawFinder.
drivers/acpi/acpica/dbutils.c
1 issues
Line: 298
Column: 3
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
int i;
if (value == 0) {
strcpy(buffer, "0");
return;
}
buffer[8] = '\0';
Reported by FlawFinder.
drivers/firmware/efi/memattr.c
1 issues
Line: 160
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
efi_memory_desc_t md;
unsigned long size;
bool valid;
char buf[64];
valid = entry_is_valid((void *)tbl->entry + i * tbl->desc_size,
&md);
size = md.num_pages << EFI_PAGE_SHIFT;
if (efi_enabled(EFI_DBG) || !valid)
Reported by FlawFinder.