Line: 60 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              		cb += GRU_HANDLE_STRIDE;
	}
	if (dsrcnt)
		memcpy(ubuf, gseg + GRU_DS_BASE, dsrcnt * GRU_HANDLE_STRIDE);
	return 0;

fail:
	return -EFAULT;
}

            

Line: 1028 Column: 2 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf

              		return -ENOMEM;

	dev->nr = saa7134_devcount;
	sprintf(dev->name, "saa%x[%d]", pci_dev->device, dev->nr);

#ifdef CONFIG_MEDIA_CONTROLLER
	dev->media_dev = kzalloc(sizeof(*dev->media_dev), GFP_KERNEL);
	if (!dev->media_dev) {
		err = -ENOMEM;

            

Line: 121 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	char		data_opt;
	char		lock_cch;
	char		flush_cbrs;
	char		fill[10];
	pid_t		pid;
	void		*buf;
	size_t		buflen;
	/* ---- output --- */
	unsigned int	num_contexts;

            

Line: 65 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              int cxgb4_thermal_init(struct adapter *adap)
{
	struct ch_thermal *ch_thermal = &adap->ch_thermal;
	char ch_tz_name[THERMAL_NAME_LENGTH];
	int num_trip = CXGB4_NUM_TRIPS;
	u32 param, val;
	int ret;

	/* on older firmwares we may not get the trip temperature,

            

Line: 370 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	char			ts_blade;	/* If >= 0, migrate context if
						   ref from different blade */
	char			ts_force_cch_reload;
	char			ts_cbr_idx[GRU_CBR_AU];/* CBR numbers of each
							  allocated CB */
	int			ts_data_valid;	/* Indicates if ts_gdata has
						   valid data */
	struct gru_gseg_statistics ustats;	/* User statistics */
	unsigned long		ts_gdata[];	/* save area for GRU data (CB,

            

Line: 5110

              			.gpio   = 0x200,
#endif
		} },
#if 0
		.radio = {
			.type = SAA7134_INPUT_RADIO,
			.vmux   = 1,
			.amux   = LINE1,
			.gpio   = 0x100,

            

Line: 236 Column: 11 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	unsigned int good_sockets = 0, bad_sockets = 0;
	unsigned long flags;
	/* Maximum number of entries is 4 */
	unsigned char new_ids[4];
	DECLARE_COMPLETION_ONSTACK(finish_resume);

	if (WARN_ON(fm->num_sockets > ARRAY_SIZE(new_ids)))
		return -ENXIO;


            

Line: 388 Column: 8 CWE codes: 126

              	pt3->adaps[i]->i2c_demod = cl;

	if (!strncmp(cl->name, TC90522_I2C_DEV_SAT,
		     strlen(TC90522_I2C_DEV_SAT))) {
		struct qm1d1c0042_config tcfg;

		tcfg = adap_conf[i].tuner_cfg.qm1d1c0042;
		tcfg.fe = cfg.fe;
		info = &adap_conf[i].tuner_info;

            

Line: 217 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	struct xsdfec_clks clks;
	wait_queue_head_t waitq;
	struct xsdfec_config config;
	char dev_name[DEV_NAME_LEN];
	unsigned long flags;
	void __iomem *regs;
	struct device *dev;
	enum xsdfec_state state;
	/* Spinlock to protect state_updated and stats_updated */

            

Line: 46 Column: 8 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	enum netup_spi_state		state;
};

static char netup_spi_name[64] = "fpga";

static struct mtd_partition netup_spi_flash_partitions = {
	.name = netup_spi_name,
	.size = 0x1000000, /* 16MB */
	.offset = 0,