The following issues were found
drivers/mfd/iqs62x.c
1 issues
Line: 330
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
fw_blk->addr = fw_rec->addr;
fw_blk->mask = mask;
fw_blk->len = len;
memcpy(fw_blk->data, data, len);
list_add(&fw_blk->list, &iqs62x->fw_blk_head);
}
release_firmware(fw);
Reported by FlawFinder.
drivers/mfd/janz-cmodio.c
1 issues
Line: 31
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/* Module Parameters */
static unsigned int num_modules = CMODIO_MAX_MODULES;
static char *modules[CMODIO_MAX_MODULES] = {
"empty", "empty", "empty", "empty",
};
module_param_array(modules, charp, &num_modules, S_IRUGO);
MODULE_PARM_DESC(modules, "MODULbus modules attached to the carrier board");
Reported by FlawFinder.
drivers/mfd/lp3943.c
1 issues
drivers/media/common/siano/smsdvb-debugfs.c
1 issues
Line: 27
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct kref refcount;
spinlock_t lock;
char stats_data[PAGE_SIZE];
unsigned stats_count;
bool stats_was_read;
wait_queue_head_t stats_queue;
};
Reported by FlawFinder.
drivers/media/platform/exynos4-is/fimc-core.c
1 issues
Line: 33
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#include "fimc-reg.h"
#include "media-dev.h"
static char *fimc_clocks[MAX_FIMC_CLOCKS] = {
"sclk_fimc", "fimc"
};
static struct fimc_fmt fimc_formats[] = {
{
Reported by FlawFinder.
drivers/mfd/si476x-cmd.c
1 issues
Line: 281
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* First send the command and its arguments */
data[0] = command;
memcpy(&data[1], args, argn);
dev_dbg(&client->dev, "Command:\n %*ph\n", argn + 1, data);
err = si476x_core_i2c_xfer(core, SI476X_I2C_SEND,
(char *) data, argn + 1);
if (err != argn + 1) {
Reported by FlawFinder.
drivers/mfd/si476x-i2c.c
1 issues
Line: 734
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
core->diversity_mode = pdata->diversity_mode;
memcpy(&core->pinmux, &pdata->pinmux,
sizeof(struct si476x_pinmux));
} else {
dev_err(&client->dev, "No platform data provided\n");
return -EINVAL;
}
Reported by FlawFinder.
drivers/mfd/sm501.c
1 issues
Line: 1207
Column: 9
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
int ret;
for (reg = 0x00; reg < 0x70; reg += 4) {
ret = sprintf(ptr, "%08x = %08x\n",
reg, smc501_readl(sm->regs + reg));
ptr += ret;
}
return ptr - buff;
Reported by FlawFinder.
drivers/mfd/sta2x11-mfd.c
1 issues
Line: 164
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
}
static const char *sta2x11_mfd_names[sta2x11_n_mfd_plat_devs] = {
[sta2x11_sctl] = STA2X11_MFD_SCTL_NAME,
[sta2x11_apbreg] = STA2X11_MFD_APBREG_NAME,
[sta2x11_apb_soc_regs] = STA2X11_MFD_APB_SOC_REGS_NAME,
[sta2x11_scr] = STA2X11_MFD_SCR_NAME,
};
Reported by FlawFinder.
drivers/mfd/stm32-timers.c
1 issues
Line: 180
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
int i;
int ret = 0;
char name[4];
init_completion(&ddata->dma.completion);
mutex_init(&ddata->dma.lock);
/* Optional DMA support: get valid DMA channel(s) or NULL */
Reported by FlawFinder.