The following issues were found

arch/sh/mm/consistent.c
1 issues
strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 23 Column: 10 CWE codes: 126 

              static void __init memchunk_cmdline_override(char *name, unsigned long *sizep)
{
	char *p = boot_command_line;
	int k = strlen(name);

	while ((p = strstr(p, "memchunk."))) {
		p += 9; /* strlen("memchunk.") */
		if (!strncmp(name, p, k) && p[k] == '=') {
			p += k + 1;

Reported by FlawFinder.

arch/arm/include/asm/floppy.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 58 Column: 17 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

               * to a non-zero track, and then restoring it to track 0.  If an error occurs,
 * then there is no floppy drive present.       [to be put back in again]
 */
static unsigned char floppy_selects[4] = { 0x10, 0x21, 0x23, 0x33 };

#define FDC1 (0x3f0)

#define FLOPPY0_TYPE 4
#define FLOPPY1_TYPE 4

Reported by FlawFinder.

arch/sh/mm/pgtable.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 15 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              	pgd_t *pgd = x;

	memset(pgd, 0, USER_PTRS_PER_PGD * sizeof(pgd_t));
	memcpy(pgd + USER_PTRS_PER_PGD,
	       swapper_pg_dir + USER_PTRS_PER_PGD,
	       (PTRS_PER_PGD - USER_PTRS_PER_PGD) * sizeof(pgd_t));
}

void pgtable_cache_init(void)

Reported by FlawFinder.

arch/mips/include/asm/sn/gda.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 62 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	void	*g_ktext_repmask;
				/* Pointer to a mask of nodes with copies
				 * of the kernel. */
	char	g_padding[56];	/* pad out to 128 bytes */
	nasid_t g_nasidtable[MAX_NUMNODES]; /* NASID of each node */
} gda_t;

#define GDA ((gda_t*) GDA_ADDR(get_nasid()))

Reported by FlawFinder.

arch/mips/include/asm/sgi/seeq.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 18 Column: 11 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              struct sgiseeq_platform_data {
	struct hpc3_regs *hpc;
	unsigned int irq;
	unsigned char mac[ETH_ALEN];
};

#endif /* __ASM_SGI_SEEQ_H */

Reported by FlawFinder.

arch/mips/include/asm/sgi/ioc.h
1 issues
read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 145 Column: 14 CWE codes: 120 20 

              #define SGIOC_SYSID_CHIPREV(x)	(((x) & 0xe0) >> 5)
	u32 _unused2;
	u8 _read[3];
	volatile u8 read;
	u32 _unused3;
	u8 _dmasel[3];
	volatile u8 dmasel;
#define SGIOC_DMASEL_SCLK10MHZ	0x00	/* use 10MHZ serial clock */
#define SGIOC_DMASEL_ISDNB	0x01	/* enable isdn B */

Reported by FlawFinder.

arch/mips/include/asm/octeon/octeon.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 105 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	uint16_t chip_type;
	uint8_t chip_rev_major;
	uint8_t chip_rev_minor;
	char board_serial_number[OCTEON_SERIAL_LEN];
	uint8_t mac_addr_base[6];
	uint8_t mac_addr_count;
	uint64_t cvmx_desc_vaddr;
#else
	uint32_t desc_size;

Reported by FlawFinder.

arch/mips/include/asm/octeon/cvmx-sysinfo.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 86 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	uint8_t board_rev_minor;
	uint8_t mac_addr_base[6];
	uint8_t mac_addr_count;
	char board_serial_number[OCTEON_SERIAL_LEN];
	/*
	 * Several boards support compact flash on the Octeon boot
	 * bus.	 The CF memory spaces may be mapped to different
	 * addresses on different boards.  These values will be 0 if
	 * CF is not present.  Note that these addresses are physical

Reported by FlawFinder.

arch/mips/include/asm/octeon/cvmx-fpa.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 135 Column: 6 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              {
	return ((ptr >= cvmx_fpa_pool_info[pool].base) &&
		((char *)ptr <
		 ((char *)(cvmx_fpa_pool_info[pool].base)) +
		 cvmx_fpa_pool_info[pool].size *
		 cvmx_fpa_pool_info[pool].starting_element_count));
}

/**

Reported by FlawFinder.

arch/arm/include/asm/cacheflush.h
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 172 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              	unsigned long, void *, const void *, unsigned long);
#define copy_from_user_page(vma, page, vaddr, dst, src, len) \
	do {							\
		memcpy(dst, src, len);				\
	} while (0)

/*
 * Convert calls to our calling convention.
 */

Reported by FlawFinder.