The following issues were found
drivers/media/platform/xilinx/xilinx-dma.c
1 issues
Line: 650
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int xvip_dma_init(struct xvip_composite_device *xdev, struct xvip_dma *dma,
enum v4l2_buf_type type, unsigned int port)
{
char name[16];
int ret;
dma->xdev = xdev;
dma->port = port;
mutex_init(&dma->lock);
Reported by FlawFinder.
drivers/net/ethernet/cavium/liquidio/lio_core.c
1 issues
Line: 610
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* For Paged allocation use the frags */
va = page_address(pg_info->page) +
pg_info->page_offset;
memcpy(skb->data, va, MIN_SKB_SIZE);
skb_put(skb, MIN_SKB_SIZE);
skb_add_rx_frag(skb, skb_shinfo(skb)->nr_frags,
pg_info->page,
pg_info->page_offset +
MIN_SKB_SIZE,
Reported by FlawFinder.
drivers/media/usb/dvb-usb/usb-urb.c
1 issues
Line: 218
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (stream == NULL || props == NULL)
return -EINVAL;
memcpy(&stream->props, props, sizeof(*props));
usb_clear_halt(stream->udev,usb_rcvbulkpipe(stream->udev,stream->props.endpoint));
if (stream->complete == NULL) {
err("there is no data callback - this doesn't make sense.");
Reported by FlawFinder.
drivers/media/dvb-frontends/au8522_dig.c
1 issues
Line: 861
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
state->operational_mode = AU8522_DIGITAL_MODE;
/* create dvb_frontend */
memcpy(&state->frontend.ops, &au8522_ops,
sizeof(struct dvb_frontend_ops));
state->frontend.demodulator_priv = state;
state->frontend.ops.analog_ops.i2c_gate_ctrl = au8522_analog_i2c_gate_ctrl;
Reported by FlawFinder.
drivers/media/usb/dvb-usb/vp7045-fe.c
1 issues
Line: 148
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
goto error;
s->d = d;
memcpy(&s->fe.ops, &vp7045_fe_ops, sizeof(struct dvb_frontend_ops));
s->fe.demodulator_priv = s;
return &s->fe;
error:
return NULL;
Reported by FlawFinder.
drivers/media/usb/em28xx/em28xx-cards.c
1 issues
Line: 1242
[EM2884_BOARD_TERRATEC_H5] = {
.name = "Terratec Cinergy H5",
.has_dvb = 1,
#if 0
.tuner_type = TUNER_PHILIPS_TDA8290,
.tuner_addr = 0x41,
.dvb_gpio = terratec_h5_digital, /* FIXME: probably wrong */
.tuner_gpio = terratec_h5_gpio,
#else
Reported by Cppcheck.
drivers/media/tuners/mxl301rf.c
1 issues
Line: 303
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
memcpy(&state->cfg, cfg, sizeof(state->cfg));
fe = cfg->fe;
fe->tuner_priv = state;
memcpy(&fe->ops.tuner_ops, &mxl301rf_ops, sizeof(mxl301rf_ops));
i2c_set_clientdata(client, &state->cfg);
dev_info(&client->dev, "MaxLinear MxL301RF attached.\n");
return 0;
}
Reported by FlawFinder.
drivers/media/usb/em28xx/em28xx-i2c.c
1 issues
Line: 926
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
* i2c_devs
* incomplete list of known devices
*/
static char *i2c_devs[128] = {
[0x1c >> 1] = "lgdt330x",
[0x3e >> 1] = "remote IR sensor",
[0x4a >> 1] = "saa7113h",
[0x52 >> 1] = "drxk",
[0x60 >> 1] = "remote IR sensor",
Reported by FlawFinder.
drivers/media/dvb-frontends/atbm8830.c
1 issues
Line: 476
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
dprintk("atbm8830 chip id: 0x%02X\n", data);
memcpy(&priv->frontend.ops, &atbm8830_ops,
sizeof(struct dvb_frontend_ops));
priv->frontend.demodulator_priv = priv;
atbm8830_init(&priv->frontend);
Reported by FlawFinder.
drivers/net/ethernet/cavium/liquidio/lio_vf_main.c
1 issues
Line: 1171
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return -EPERM;
}
memcpy(netdev->dev_addr, addr->sa_data, netdev->addr_len);
ether_addr_copy(((u8 *)&lio->linfo.hw_addr) + 2, addr->sa_data);
return 0;
}
Reported by FlawFinder.