The following issues were found
arch/x86/boot/compressed/idt_64.c
1 issues
Line: 21
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
entry.offset_middle = (u16)((address >> 16) & 0xffff);
entry.offset_high = (u32)(address >> 32);
memcpy(&boot_idt[vector], &entry, sizeof(entry));
}
/* Have this here so we don't need to include <asm/desc.h> */
static void load_boot_idt(const struct desc_ptr *dtr)
{
Reported by FlawFinder.
arch/x86/boot/compressed/kaslr.c
1 issues
Line: 274
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (!tmp_cmdline)
error("Failed to allocate space for tmp_cmdline");
memcpy(tmp_cmdline, args, len);
tmp_cmdline[len] = 0;
args = tmp_cmdline;
/* Chew leading spaces */
args = skip_spaces(args);
Reported by FlawFinder.
crypto/algapi.c
1 issues
Line: 264
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
goto free_larval;
refcount_set(&larval->alg.cra_refcnt, 1);
memcpy(larval->alg.cra_driver_name, alg->cra_driver_name,
CRYPTO_MAX_ALG_NAME);
larval->alg.cra_priority = alg->cra_priority;
list_add(&alg->cra_list, &crypto_alg_list);
list_add(&larval->alg.cra_list, &crypto_alg_list);
Reported by FlawFinder.
arch/x86/boot/compressed/mkpiggy.c
1 issues
Line: 33
Column: 6
CWE codes:
362
/* Get the information for the compressed kernel image first */
f = fopen(argv[1], "r");
if (!f) {
perror(argv[1]);
goto bail;
}
Reported by FlawFinder.
arch/ia64/mm/contig.c
1 issues
Line: 57
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
for_each_possible_cpu(cpu) {
void *src = cpu == 0 ? cpu0_data : __phys_per_cpu_start;
memcpy(cpu_data, src, __per_cpu_end - __per_cpu_start);
__per_cpu_offset[cpu] = (char *)cpu_data - __per_cpu_start;
per_cpu(local_per_cpu_offset, cpu) = __per_cpu_offset[cpu];
/*
* percpu area for cpu0 is moved from the __init area
Reported by FlawFinder.
arch/ia64/kernel/machine_kexec.c
1 issues
Line: 65
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
func = (unsigned long *)&relocate_new_kernel;
/* Pre-load control code buffer to minimize work in kexec path */
control_code_buffer = page_address(image->control_code_page);
memcpy((void *)control_code_buffer, (const void *)func[0],
relocate_new_kernel_size);
flush_icache_range((unsigned long)control_code_buffer,
(unsigned long)control_code_buffer + relocate_new_kernel_size);
ia64_kimage = image;
Reported by FlawFinder.
arch/xtensa/platforms/iss/console.c
1 issues
Line: 189
Column: 12
CWE codes:
126
static void iss_console_write(struct console *co, const char *s, unsigned count)
{
int len = strlen(s);
if (s != 0 && *s != 0)
simc_write(1, s, count < len ? count : len);
}
Reported by FlawFinder.
arch/arc/mm/init.c
1 issues
Line: 21
Column: 1
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#include <asm/arcregs.h>
pgd_t swapper_pg_dir[PTRS_PER_PGD] __aligned(PAGE_SIZE);
char empty_zero_page[PAGE_SIZE] __aligned(PAGE_SIZE);
EXPORT_SYMBOL(empty_zero_page);
static const unsigned long low_mem_start = CONFIG_LINUX_RAM_BASE;
static unsigned long low_mem_sz;
Reported by FlawFinder.
arch/arc/mm/cache.c
1 issues
Line: 1303
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
void __ref arc_cache_init(void)
{
unsigned int __maybe_unused cpu = smp_processor_id();
char str[256];
pr_info("%s", arc_cache_mumbojumbo(0, str, sizeof(str)));
if (!cpu)
arc_cache_init_master();
Reported by FlawFinder.
arch/arc/kernel/unwind.c
1 issues
Line: 220
CWE codes:
570
void __init arc_unwind_init(void)
{
init_unwind_table(&root_table, "kernel", _text, _end - _text, NULL, 0,
__start_unwind, __end_unwind - __start_unwind,
NULL, 0);
/*__start_unwind_hdr, __end_unwind_hdr - __start_unwind_hdr);*/
init_unwind_hdr(&root_table, unw_hdr_alloc_early);
}
Reported by Cppcheck.