The following issues were found

drivers/media/usb/dvb-usb-v2/dvb_usb.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 396 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              
	/* remote control */
	struct rc_dev *rc_dev;
	char rc_phys[64];
	struct delayed_work rc_query_work;

	void *priv;
};

Reported by FlawFinder.

drivers/media/usb/dvb-usb-v2/dvb_usb_core.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 268 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              
	/* resolve input and output streaming parameters */
	if (d->props->get_stream_config) {
		memcpy(&stream_props, &adap->props->stream,
				sizeof(struct usb_data_stream_properties));
		ret = d->props->get_stream_config(adap->fe[adap->active_fe],
				&adap->ts_type, &stream_props);
		if (ret)
			dev_err(&d->udev->dev,

Reported by FlawFinder.

drivers/media/radio/radio-timb.c
1 issues
snprintf - If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate
Security

Line: 36 Column: 2 CWE codes: 134
Suggestion: Use a constant for the format specification 

              {
	strscpy(v->driver, DRIVER_NAME, sizeof(v->driver));
	strscpy(v->card, "Timberdale Radio", sizeof(v->card));
	snprintf(v->bus_info, sizeof(v->bus_info), "platform:"DRIVER_NAME);
	return 0;
}

static int timbradio_vidioc_g_tuner(struct file *file, void *priv,
	struct v4l2_tuner *v)

Reported by FlawFinder.

drivers/media/radio/radio-terratec.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 88 Column: 11 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	int p;
	int temp;
	long rest;
	unsigned char buffer[25];		/* we have to bit shift 25 registers */

	freq = freq / 160;			/* convert the freq. to a nice to handle value */
	memset(buffer, 0, sizeof(buffer));

	rest = freq * 10 + 10700;	/* I once had understood what is going on here */

Reported by FlawFinder.

drivers/net/ethernet/cadence/macb.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 1011 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

               * this register should contribute to.
 */
struct gem_statistic {
	char stat_string[ETH_GSTRING_LEN];
	int offset;
	u32 stat_bits;
};

/* Bitfield defs for net_device_stat statistics */

Reported by FlawFinder.

drivers/media/usb/dvb-usb/af9005-fe.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 1436 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              	state->d = d;
	state->opened = 0;

	memcpy(&state->frontend.ops, &af9005_fe_ops,
	       sizeof(struct dvb_frontend_ops));
	state->frontend.demodulator_priv = state;

	return &state->frontend;
      error:

Reported by FlawFinder.

drivers/media/usb/dvb-usb/az6027.c
1 issues
open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 673 Column: 80 CWE codes: 362 

              	return ret;
}

static int az6027_ci_poll_slot_status(struct dvb_ca_en50221 *ca, int slot, int open)
{
	struct dvb_usb_device *d = (struct dvb_usb_device *)ca->data;
	struct az6027_device_state *state = (struct az6027_device_state *)d->priv;
	int ret;
	u8 req;

Reported by FlawFinder.

drivers/media/usb/dvb-usb/cinergyT2-core.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 29 Column: 11 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              
struct cinergyt2_state {
	u8 rc_counter;
	unsigned char data[64];
};

/* Forward declaration */
static const struct dvb_usb_device_properties cinergyt2_properties;

Reported by FlawFinder.

drivers/media/radio/radio-si476x.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 1409 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              		return rval;
	}

	memcpy(&radio->videodev, &si476x_viddev_template,
	       sizeof(struct video_device));

	radio->videodev.v4l2_dev  = &radio->v4l2dev;
	radio->videodev.ioctl_ops = &si4761_ioctl_ops;
	radio->videodev.device_caps = V4L2_CAP_TUNER | V4L2_CAP_RADIO |

Reported by FlawFinder.

drivers/media/usb/dvb-usb/cxusb.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 75 Column: 11 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	struct i2c_client *i2c_client_demod;
	struct i2c_client *i2c_client_tuner;

	unsigned char data[MAX_XFER_SIZE];

	struct mutex stream_mutex;
	u8 last_lock;
	int (*fe_read_status)(struct dvb_frontend *fe,
			      enum fe_status *status);

Reported by FlawFinder.