The following issues were found
arch/m68k/sun3x/prom.c
1 issues
Line: 162
Column: 16
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/* make a copy of the idprom structure */
for (i = 0; i < num_bytes; i++)
idbuf[i] = ((char *)SUN3X_IDPROM)[i];
return idbuf[0];
}
Reported by FlawFinder.
arch/m68k/sun3/config.c
1 issues
Line: 37
Column: 1
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#include <asm/segment.h>
#include <asm/sun3ints.h>
char sun3_reserved_pmeg[SUN3_PMEGS_NUM];
static void sun3_sched_init(void);
extern void sun3_get_model (char* model);
extern int sun3_hwclk(int set, struct rtc_time *t);
Reported by FlawFinder.
arch/m68k/mvme147/config.c
1 issues
Line: 68
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
static void mvme147_get_model(char *model)
{
sprintf(model, "Motorola MVME147");
}
/*
* This function is called during kernel startup to initialize
* the mvme147 IRQ handling routines.
Reported by FlawFinder.
arch/m68k/mac/iop.c
1 issues
Line: 466
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
msg->iop_num = iop_num;
msg->channel = chan;
msg->caller_priv = privdata;
memcpy(msg->message, msg_data, msg_len);
msg->handler = handler;
if (!(q = iop_send_queue[iop_num][chan])) {
iop_send_queue[iop_num][chan] = msg;
iop_do_send(msg);
Reported by FlawFinder.
arch/m68k/kernel/uboot.c
1 issues
Line: 78
Column: 3
CWE codes:
120
uboot_cmd_end = sp[5];
if (uboot_cmd_start && uboot_cmd_end)
strncpy(commandp, (const char *)uboot_cmd_start, size);
#if defined(CONFIG_BLK_DEV_INITRD)
if (uboot_initrd_start && uboot_initrd_end &&
(uboot_initrd_end > uboot_initrd_start)) {
initrd_start = uboot_initrd_start;
initrd_end = uboot_initrd_end;
Reported by FlawFinder.
arch/m68k/kernel/machine_kexec.c
1 issues
Line: 45
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
reboot_code_buffer = page_address(image->control_code_page);
memcpy(reboot_code_buffer, relocate_new_kernel,
relocate_new_kernel_size);
/*
* we do not want to be bothered.
*/
Reported by FlawFinder.
arch/m68k/include/uapi/asm/sigcontext.h
1 issues
Line: 21
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#ifndef __uClinux__
unsigned long sc_fpregs[2*3]; /* room for two fp registers */
unsigned long sc_fpcntl[3];
unsigned char sc_fpstate[216];
#endif
};
#endif
Reported by FlawFinder.
arch/um/include/asm/page.h
1 issues
Line: 30
Column: 28
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
*/
#define clear_page(page) memset((void *)(page), 0, PAGE_SIZE)
#define copy_page(to,from) memcpy((void *)(to), (void *)(from), PAGE_SIZE)
#define clear_user_page(page, vaddr, pg) clear_page(page)
#define copy_user_page(to, from, vaddr, pg) copy_page(to, from)
#if defined(CONFIG_3_LEVEL_PGTABLES) && !defined(CONFIG_64BIT)
Reported by FlawFinder.
arch/um/include/shared/init.h
1 issues
Line: 82
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#define __non_empty_string(dummyname,string) \
struct __uml_non_empty_string_struct_##dummyname \
{ \
char _string[sizeof(string)-2]; \
}
#ifndef MODULE
#define __uml_setup(str, fn, help...) \
__non_empty_string(fn ##_setup, str); \
Reported by FlawFinder.
arch/um/include/shared/kern.h
1 issues
Line: 16
Column: 12
CWE codes:
134
Suggestion:
Use a constant for the format specification
* includes.
*/
extern int printf(const char *fmt, ...);
extern void *sbrk(int increment);
extern int pause(void);
extern void exit(int);
#endif
Reported by FlawFinder.