The following issues were found
drivers/media/pci/netup_unidvb/netup_unidvb_ci.c
1 issues
Line: 115
Column: 24
CWE codes:
362
}
static int netup_unidvb_poll_ci_slot_status(struct dvb_ca_en50221 *en50221,
int slot, int open)
{
struct netup_ci_state *state = en50221->data;
struct netup_unidvb_dev *dev = state->dev;
u16 shift = (state->nr == 1) ? CAM1_SHIFT : 0;
u16 ci_stat = 0;
Reported by FlawFinder.
drivers/mmc/core/bus.h
1 issues
Line: 20
Column: 9
CWE codes:
134
Suggestion:
Make format string constant
static ssize_t mmc_##name##_show (struct device *dev, struct device_attribute *attr, char *buf) \
{ \
struct mmc_card *card = mmc_dev_to_card(dev); \
return sprintf(buf, fmt, args); \
} \
static DEVICE_ATTR(name, S_IRUGO, mmc_##name##_show, NULL)
struct mmc_card *mmc_alloc_card(struct mmc_host *host,
struct device_type *type);
Reported by FlawFinder.
drivers/media/pci/mantis/mantis_cards.c
1 issues
Line: 50
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#define DRIVER_NAME "Mantis"
static char *label[10] = {
"DMA",
"IRQ-0",
"IRQ-1",
"OCERR",
"PABRT",
Reported by FlawFinder.
drivers/media/pci/mantis/mantis_ca.c
1 issues
Line: 116
Column: 77
CWE codes:
362
return 0;
}
static int mantis_slot_status(struct dvb_ca_en50221 *en50221, int slot, int open)
{
struct mantis_ca *ca = en50221->data;
struct mantis_pci *mantis = ca->ca_priv;
dprintk(MANTIS_DEBUG, 1, "Slot(%d): Poll Slot status", slot);
Reported by FlawFinder.
drivers/media/pci/mantis/hopper_cards.c
1 issues
Line: 39
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#define DRIVER_NAME "Hopper"
static char *label[10] = {
"DMA",
"IRQ-0",
"IRQ-1",
"OCERR",
"PABRT",
Reported by FlawFinder.
drivers/net/ethernet/chelsio/cxgb4/cxgb4_uld.h
1 issues
Line: 474
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
};
struct cxgb4_uld_info {
char name[IFNAMSIZ];
void *handle;
unsigned int nrxq;
unsigned int rxq_size;
unsigned int ntxq;
bool ciq;
Reported by FlawFinder.
drivers/media/pci/ivtv/ivtv-udma.c
1 issues
Line: 49
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return -1;
local_irq_save(flags);
src = kmap_atomic(dma->map[map_offset]) + offset;
memcpy(page_address(dma->bouncemap[map_offset]) + offset, src, len);
kunmap_atomic(src);
local_irq_restore(flags);
sg_set_page(&dma->SGlist[map_offset], dma->bouncemap[map_offset], len, offset);
}
else {
Reported by FlawFinder.
drivers/mmc/host/jz4740_mmc.c
1 issues
Line: 577
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
if (unlikely(i > 0)) {
d = readl(fifo_addr);
memcpy(buf, &d, i);
}
}
data->bytes_xfered += miter->length;
/* This can go away once MIPS implements
Reported by FlawFinder.
drivers/media/pci/intel/ipu3/ipu3-cio2-main.c
1 issues
Line: 1587
Column: 2
CWE codes:
134
Suggestion:
Use a constant for the format specification
v4l2_subdev_init(subdev, &cio2_subdev_ops);
subdev->flags = V4L2_SUBDEV_FL_HAS_DEVNODE | V4L2_SUBDEV_FL_HAS_EVENTS;
subdev->owner = THIS_MODULE;
snprintf(subdev->name, sizeof(subdev->name),
CIO2_ENTITY_NAME " %td", q - cio2->queue);
subdev->entity.function = MEDIA_ENT_F_VID_IF_BRIDGE;
v4l2_set_subdevdata(subdev, cio2);
r = v4l2_device_register_subdev(&cio2->v4l2_dev, subdev);
if (r) {
Reported by FlawFinder.
drivers/mmc/host/mmc_spi.c
1 issues
Line: 253
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
u8 leftover = 0;
unsigned short rotator;
int i;
char tag[32];
snprintf(tag, sizeof(tag), " ... CMD%d response SPI_%s",
cmd->opcode, maptype(cmd));
/* Except for data block reads, the whole response will already
Reported by FlawFinder.