Line: 634 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              #define NUM_SYSPORT_TXQ_STAT	2

struct bcm_sysport_stats {
	char stat_string[ETH_GSTRING_LEN];
	int stat_sizeof;
	int stat_offset;
	enum bcm_sysport_stat_type type;
	/* reg offset from UMAC base for misc counters */
	u16 reg_offset;

            

Line: 223 Column: 2 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf

              	}

	mii_bus->name = "bcma_mdio mii bus";
	sprintf(mii_bus->id, "%s-%d-%d", "bcma_mdio", core->bus->num,
		core->core_unit);
	mii_bus->priv = bgmac;
	mii_bus->read = bcma_mdio_mii_read;
	mii_bus->write = bcma_mdio_mii_write;
	mii_bus->reset = bcma_mdio_phy_reset;

            

Line: 1812 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	state->cfg = config;
	state->i2c_adap = i2c_adap;

	memcpy(&state->frontend.ops, &lgdt3306a_ops,
	       sizeof(struct dvb_frontend_ops));
	state->frontend.demodulator_priv = state;

	/* verify that we're talking to a lg3306a */
	/* FGR - NOTE - there is no obvious ChipId to check; we check

            

Line: 551 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	}

	/* create dvb_frontend */
	memcpy(&state->frontend.ops, &l64781_ops, sizeof(struct dvb_frontend_ops));
	state->frontend.demodulator_priv = state;
	return &state->frontend;

error:
	if (reg0x3e >= 0)

            

Line: 294 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              
	fe->tuner_priv = state;

	memcpy(&fe->ops.tuner_ops, &ix2505v_tuner_ops,
		sizeof(struct dvb_tuner_ops));
	deb_i2c("%s: initialization (%s addr=0x%02x) ok\n",
		__func__, fe->ops.tuner_ops.info.name, config->tuner_address);

	return fe;

            

Line: 3043 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	u16 i;				/* loop counter */
	u16 st_ind;			/* self test database access index */
	struct st_record rec;		/* current record variable */
	char message[MAX_FAIL_MSG];	/* message to log */

	/*init stats*/
	idle_chk_errors = 0;
	idle_chk_warnings = 0;


            

Line: 339 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	if (!st)
		return NULL;

	memcpy(&st->fe.ops, &gp8psk_fe_ops, sizeof(struct dvb_frontend_ops));
	st->fe.demodulator_priv = st;
	st->ops = ops;
	st->priv = priv;
	st->is_rev1 = is_rev1;


            

Line: 186 Column: 3 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              #define PFVF_CAP_TPA_UPDATE   0x00000008
#define PFVF_CAP_VLAN_FILTER  0x00000010

		char fw_ver[32];
		u16 db_size;
		u8  indices_per_sb;
		u8  padding;
	} pfdev_info;
	struct pf_vf_resc {

            

Line: 832 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	priv->pll_desc = desc;
	priv->nr = nr;

	memcpy(&fe->ops.tuner_ops, &dvb_pll_tuner_ops,
	       sizeof(struct dvb_tuner_ops));

	strscpy(fe->ops.tuner_ops.info.name, desc->name,
		sizeof(fe->ops.tuner_ops.info.name));


            

Line: 264 Column: 11 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	unsigned long reset_TXtimeout;

	/* NIC SROM data */
	unsigned char srom[128];
};

enum dmfe_offsets {
	DCR0 = 0x00, DCR1 = 0x08, DCR2 = 0x10, DCR3 = 0x18, DCR4 = 0x20,
	DCR5 = 0x28, DCR6 = 0x30, DCR7 = 0x38, DCR8 = 0x40, DCR9 = 0x48,