The following issues were found
arch/mips/pci/fixup-malta.c
1 issues
Line: 13
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#define PCID 4
/* This table is filled in by interrogating the PIIX4 chip */
static char pci_irq[5] = {
};
static char irq_tab[][5] = {
/* INTA INTB INTC INTD */
{0, 0, 0, 0, 0 }, /* 0: GT64120 PCI bridge */
Reported by FlawFinder.
arch/mips/netlogic/xlp/setup.c
1 issues
Line: 168
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* Update reset entry point with CPU init code */
reset_vec = (void *)CKSEG1ADDR(RESET_VEC_PHYS);
memset(reset_vec, 0, RESET_VEC_SIZE);
memcpy(reset_vec, (void *)nlm_reset_entry,
(nlm_reset_entry_end - nlm_reset_entry));
#ifdef CONFIG_SMP
cpumask_setall(&nlm_cpumask);
#endif
Reported by FlawFinder.
arch/mips/mm/uasm.c
1 issues
Line: 537
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
{
long off = (long)(target - first);
memcpy(target, first, (end - first) * sizeof(u32));
uasm_move_relocs(rel, first, end, off);
uasm_move_labels(lab, first, end, off);
}
UASM_EXPORT_SYMBOL(uasm_copy_handler);
Reported by FlawFinder.
arch/mips/mm/sc-debugfs.c
1 issues
Line: 17
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
size_t count, loff_t *ppos)
{
bool enabled = bc_prefetch_is_enabled();
char buf[3];
buf[0] = enabled ? 'Y' : 'N';
buf[1] = '\n';
buf[2] = 0;
Reported by FlawFinder.
arch/arm/kernel/fiq.c
1 issues
Line: 99
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
void *base = vectors_page;
unsigned offset = FIQ_OFFSET;
memcpy(base + offset, start, length);
if (!cache_is_vipt_nonaliasing())
flush_icache_range((unsigned long)base + offset,
(unsigned long)base + offset + length);
flush_icache_range(0xffff0000 + offset, 0xffff0000 + offset + length);
}
Reported by FlawFinder.
arch/mips/mm/pgtable.c
1 issues
Line: 19
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (ret) {
init = pgd_offset(&init_mm, 0UL);
pgd_init((unsigned long)ret);
memcpy(ret + USER_PTRS_PER_PGD, init + USER_PTRS_PER_PGD,
(PTRS_PER_PGD - USER_PTRS_PER_PGD) * sizeof(pgd_t));
}
return ret;
}
Reported by FlawFinder.
arch/s390/kernel/ipl_vmparm.c
1 issues
Line: 18
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
(ipb->ccw.vm_parm_len > 0)) {
len = min_t(size_t, size - 1, ipb->ccw.vm_parm_len);
memcpy(dest, ipb->ccw.vm_parm, len);
/* If at least one character is lowercase, we assume mixed
* case; otherwise we convert everything to lowercase.
*/
for (i = 0; i < len; i++)
if ((dest[i] > 0x80 && dest[i] < 0x8a) || /* a-i */
Reported by FlawFinder.
arch/s390/kernel/irq.c
1 issues
Line: 375
Column: 17
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
static DEFINE_SPINLOCK(irq_subclass_lock);
static unsigned char irq_subclass_refcount[64];
void irq_subclass_register(enum irq_subclass subclass)
{
spin_lock(&irq_subclass_lock);
if (!irq_subclass_refcount[subclass])
Reported by FlawFinder.
arch/s390/kernel/kprobes.c
1 issues
Line: 75
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
unsigned int len;
len = insn_length(*p->addr >> 8);
memcpy(&insn, p->addr, len);
p->opcode = insn[0];
if (probe_is_insn_relative_long(&insn[0])) {
/*
* For pc-relative instructions in RIL-b or RIL-c format patch
* the RI2 displacement field. We have already made sure that
Reported by FlawFinder.
arch/mips/mm/page.c
1 issues
Line: 60
label_copy_pref_store,
};
UASM_L_LA(_clear_nopref)
UASM_L_LA(_clear_pref)
UASM_L_LA(_copy_nopref)
UASM_L_LA(_copy_pref_both)
UASM_L_LA(_copy_pref_store)
Reported by Cppcheck.