The following issues were found

drivers/media/dvb-frontends/drx39xyj/drxj.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 493 Column: 3 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              					  /*< qam pre SAW config */

		/* Version information */
		char v_text[2][12];	  /*< allocated text versions */
		struct drx_version v_version[2]; /*< allocated versions structs */
		struct drx_version_list v_list_elements[2];
					  /*< allocated version list */

		/* smart antenna configuration */

Reported by FlawFinder.

drivers/net/ethernet/dec/tulip/eeprom.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 185 Column: 5 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              		      dev->dev_addr[2] == eeprom_fixups[i].addr2) {
		  if (dev->dev_addr[2] == 0xE8 && ee_data[0x1a] == 0x55)
			  i++;			/* An Accton EN1207, not an outlaw Maxtech. */
		  memcpy(ee_data + 26, eeprom_fixups[i].newtable,
				 sizeof(eeprom_fixups[i].newtable));
		  pr_info("%s: Old format EEPROM on '%s' board.  Using substitute media control info\n",
			  dev->name, eeprom_fixups[i].name);
		  break;
		}

Reported by FlawFinder.

drivers/media/dvb-frontends/dib3000mc.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 923 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              
	demod                   = &st->demod;
	demod->demodulator_priv = st;
	memcpy(&st->demod.ops, &dib3000mc_ops, sizeof(struct dvb_frontend_ops));

	if (dib3000mc_identify(st) != 0)
		goto error;

	dibx000_init_i2c_master(&st->i2c_master, DIB3000MC, st->i2c_adap, st->i2c_addr);

Reported by FlawFinder.

drivers/net/ethernet/broadcom/bnxt/bnxt_ulp.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 258 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              		if (fw_msg->resp_max_len < len)
			len = fw_msg->resp_max_len;

		memcpy(fw_msg->resp, resp, len);
	}
	mutex_unlock(&bp->hwrm_cmd_lock);
	return rc;
}

Reported by FlawFinder.

drivers/media/dvb-frontends/cxd2880/cxd2880_top.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 1898 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              	priv->spi_mutex = cfg->spi_mutex;
	priv->spi_device.spi = cfg->spi;

	memcpy(&fe->ops, &cxd2880_dvbt_t2_ops,
	       sizeof(struct dvb_frontend_ops));

	ret = cxd2880_spi_device_initialize(&priv->spi_device,
					    CXD2880_SPI_MODE_0,
					    55000000);

Reported by FlawFinder.

drivers/net/ethernet/broadcom/genet/bcmgenet_wol.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 49 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              	memset(wol->sopass, 0, sizeof(wol->sopass));

	if (wol->wolopts & WAKE_MAGICSECURE)
		memcpy(wol->sopass, priv->sopass, sizeof(priv->sopass));
}

/* ethtool function - set WOL (Wake on LAN) settings.
 * Only for magic packet detection mode.
 */

Reported by FlawFinder.

drivers/media/dvb-frontends/cxd2880/cxd2880_spi.h
1 issues
read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 23 Column: 8 CWE codes: 120 20 

              };

struct cxd2880_spi {
	int (*read)(struct cxd2880_spi *spi, u8 *data,
		    u32 size);
	int (*write)(struct cxd2880_spi *spi, const u8 *data,
		     u32 size);
	int (*write_read)(struct cxd2880_spi *spi,
			  const u8 *tx_data, u32 tx_size,

Reported by FlawFinder.

drivers/net/ethernet/broadcom/sb1250-mac.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 252 Column: 11 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	int			sbm_pause;	/* current pause setting */
	int			sbm_link;	/* current link state */

	unsigned char		sbm_hwaddr[ETH_ALEN];

	struct sbmacdma		sbm_txdma;	/* only channel 0 for now */
	struct sbmacdma		sbm_rxdma;
	int			rx_hw_checksum;
	int			sbe_idx;

Reported by FlawFinder.

drivers/media/dvb-frontends/cxd2880/cxd2880_devio_spi.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 95 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              		else
			send_data[2] = size;

		memcpy(&send_data[3], write_data_top, send_data[2]);

		if (tgt == CXD2880_IO_TGT_SYS) {
			send_data[3 + send_data[2]] = 0x00;
			ret = spi->write(spi, send_data, send_data[2] + 4);
		} else {

Reported by FlawFinder.

drivers/net/ethernet/dec/tulip/media.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 35 Column: 23 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              #define MDIO_ENB_IN		0x40000
#define MDIO_DATA_READ		0x80000

static const unsigned char comet_miireg2offset[32] = {
	0xB4, 0xB8, 0xBC, 0xC0,  0xC4, 0xC8, 0xCC, 0,  0,0,0,0,  0,0,0,0,
	0,0xD0,0,0,  0,0,0,0,  0,0,0,0, 0, 0xD4, 0xD8, 0xDC, };


/* MII transceiver control section.

Reported by FlawFinder.