The following issues were found

drivers/misc/altera-stapl/altera-jtag.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 66 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              struct altera_state {
	struct altera_config	*config;
	struct altera_jtag	js;
	char			msg_buff[ALTERA_MESSAGE_LENGTH + 1];
	long			stack[ALTERA_STACK_SIZE];
};

int altera_jinit(struct altera_state *astate);
int altera_set_drstop(struct altera_jtag *js, enum altera_jtag_state state);

Reported by FlawFinder.

drivers/media/platform/exynos-gsc/gsc-core.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 308 Column: 8 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

               */
struct gsc_driverdata {
	struct gsc_variant *variant[GSC_MAX_DEVS];
	const char	*clk_names[GSC_MAX_CLOCKS];
	int		num_clocks;
	int		num_entities;
};

/**

Reported by FlawFinder.

drivers/media/platform/davinci/vpif_display.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 443 Column: 5 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              		if (config->hd_sd == 0) {
			vpif_dbg(2, debug, "SD format\n");
			if (config->stdid & vid_ch->stdid) {
				memcpy(std_info, config, sizeof(*config));
				break;
			}
		}
	}

Reported by FlawFinder.

drivers/media/platform/davinci/vpif.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 621 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              
/* This structure will store size parameters as per the mode selected by user */
struct vpif_channel_config_params {
	char name[VPIF_MAX_NAME];	/* Name of the mode */
	u16 width;			/* Indicates width of the image */
	u16 height;			/* Indicates height of the image */
	u8 frm_fmt;			/* Interlaced (0) or progressive (1) */
	u8 ycmux_mode;			/* This mode requires one (0) or two (1)
					   channels */

Reported by FlawFinder.

drivers/misc/bcm-vk/bcm_vk_msg.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 568 Column: 4 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              		if (data[i].address &&
		    (ib_sgl_size + data[i].size) <= vk->ib_sgl_size) {
			item_cnt++;
			memcpy(buf, entry->dma[i].sglist, data[i].size);
			ib_sgl_size += data[i].size;
			buf += data[i].size;
		}
	}

Reported by FlawFinder.

drivers/misc/cardreader/rtsx_usb.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 113 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              		return -EINVAL;

	rtsx_usb_seq_cmd_hdr(ucr, addr, len, SEQ_WRITE);
	memcpy(ucr->cmd_buf + SEQ_WRITE_DATA_OFFSET, data, len);

	return rtsx_usb_transfer_data(ucr,
			usb_sndbulkpipe(ucr->pusb_dev, EP_BULK_OUT),
			ucr->cmd_buf, cmd_len, 0, NULL, 100);
}

Reported by FlawFinder.

drivers/media/platform/cadence/cdns-csi2tx.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 484 Column: 3 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	csi2tx->has_internal_dphy = !!(dev_cfg & CSI2TX_DEVICE_CONFIG_HAS_DPHY);

	for (i = 0; i < csi2tx->max_streams; i++) {
		char clk_name[16];

		snprintf(clk_name, sizeof(clk_name), "pixel_if%u_clk", i);
		csi2tx->pixel_clk[i] = devm_clk_get(&pdev->dev, clk_name);
		if (IS_ERR(csi2tx->pixel_clk[i])) {
			dev_err(&pdev->dev, "Couldn't get clock %s\n",

Reported by FlawFinder.

drivers/media/platform/cadence/cdns-csi2rx.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 354 Column: 3 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	}

	for (i = 0; i < csi2rx->max_streams; i++) {
		char clk_name[16];

		snprintf(clk_name, sizeof(clk_name), "pixel_if%u_clk", i);
		csi2rx->pixel_clk[i] = devm_clk_get(&pdev->dev, clk_name);
		if (IS_ERR(csi2rx->pixel_clk[i])) {
			dev_err(&pdev->dev, "Couldn't get clock %s\n", clk_name);

Reported by FlawFinder.

drivers/media/platform/atmel/atmel-isi.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 1080 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              	if (!isi->user_formats)
		return -ENOMEM;

	memcpy(isi->user_formats, isi_fmts,
	       num_fmts * sizeof(struct isi_format *));
	isi->current_fmt = isi->user_formats[0];

	return 0;
}

Reported by FlawFinder.

drivers/media/platform/atmel/atmel-isc-base.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 325 Column: 8 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	struct isc_clk *isc_clk;
	struct clk_init_data init;
	const char *clk_name = np->name;
	const char *parent_names[3];
	int num_parents;

	num_parents = of_clk_get_parent_count(np);
	if (num_parents < 1 || num_parents > 3)
		return -EINVAL;

Reported by FlawFinder.