The following issues were found

drivers/mmc/host/tmio_mmc.h
1 issues
Using argument flags that points at uninitialized variable flags
Error

Line: 210 CWE codes: 908 

              static inline char *tmio_mmc_kmap_atomic(struct scatterlist *sg,
					 unsigned long *flags)
{
	local_irq_save(*flags);
	return kmap_atomic(sg_page(sg)) + sg->offset;
}

static inline void tmio_mmc_kunmap_atomic(struct scatterlist *sg,
					  unsigned long *flags, void *virt)

Reported by Cppcheck.

drivers/net/ethernet/dnet.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 96 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              	*((__be16 *)(addr + 4)) = cpu_to_be16(tmp);

	if (is_valid_ether_addr(addr))
		memcpy(bp->dev->dev_addr, addr, sizeof(addr));
}

static int dnet_mdio_read(struct mii_bus *bus, int mii_id, int regnum)
{
	struct dnet *bp = bus->priv;

Reported by FlawFinder.

drivers/media/pci/cx88/cx88-tvaudio.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 61 Column: 14 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              } while (0)
/* ----------------------------------------------------------- */

static const char * const aud_ctl_names[64] = {
	[EN_BTSC_FORCE_MONO] = "BTSC_FORCE_MONO",
	[EN_BTSC_FORCE_STEREO] = "BTSC_FORCE_STEREO",
	[EN_BTSC_FORCE_SAP] = "BTSC_FORCE_SAP",
	[EN_BTSC_AUTO_STEREO] = "BTSC_AUTO_STEREO",
	[EN_BTSC_AUTO_SAP] = "BTSC_AUTO_SAP",

Reported by FlawFinder.

drivers/mtd/chips/cfi_cmdset_0001.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 774 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              			kfree(newcfi);
			return -ENOMEM;
		}
		memcpy(newcfi, cfi, sizeof(struct cfi_private));
		newcfi->numchips = numvirtchips;
		newcfi->chipshift = partshift;

		chip = &newcfi->chips[0];
		for (i = 0; i < cfi->numchips; i++) {

Reported by FlawFinder.

drivers/media/cec/core/cec-adap.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 1195 Column: 4 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              				continue;

			/* We got a reply */
			memcpy(dst->msg, msg->msg, msg->len);
			dst->len = msg->len;
			dst->rx_ts = msg->rx_ts;
			dst->rx_status = msg->rx_status;
			if (abort)
				dst->rx_status |= CEC_RX_STATUS_FEATURE_ABORT;

Reported by FlawFinder.

drivers/mtd/chips/cfi_util.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 324 Column: 14 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	cfi_qry_mode_on(base, map, cfi);
	/* Read in the Extended Query Table */
	for (i=0; i<size; i++) {
		((unsigned char *)extp)[i] =
			cfi_read_query(map, base+((adr+i)*ofs_factor));
	}

	/* Make sure it returns to read mode */
	cfi_qry_mode_off(base, map, cfi);

Reported by FlawFinder.

drivers/mtd/chips/gen_probe.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 146 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              		return NULL;
	}

	memcpy(retcfi, &cfi, sizeof(cfi));
	memset(&retcfi->chips[0], 0, sizeof(struct flchip) * cfi.numchips);

	for (i = 0, j = 0; (j < cfi.numchips) && (i < max_chips); i++) {
		if(test_bit(i, chip_map)) {
			struct flchip *pchip = &retcfi->chips[j++];

Reported by FlawFinder.

drivers/media/pci/cx88/cx88-i2c.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 99 Column: 14 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              
/* ----------------------------------------------------------------------- */

static const char * const i2c_devs[128] = {
	[0x1c >> 1] = "lgdt330x",
	[0x86 >> 1] = "tda9887/cx22702",
	[0xa0 >> 1] = "eeprom",
	[0xc0 >> 1] = "tuner (analog)",
	[0xc2 >> 1] = "tuner (analog/dvb)",

Reported by FlawFinder.

drivers/media/pci/cx88/cx88-cards.c
1 issues
sprintf - Does not check for buffer overflows
Security

Line: 3716 Column: 2 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf 

              	mutex_init(&core->lock);

	core->nr = nr;
	sprintf(core->name, "cx88[%d]", core->nr);

	/*
	 * Note: Setting initial standard here would cause first call to
	 * cx88_set_tvnorm() to return without programming any registers.  Leave
	 * it blank for at this point and it will get set later in

Reported by FlawFinder.

drivers/media/pci/cx25821/cx25821.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 247 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              
	/* board details */
	unsigned int board;
	char name[32];

	/* Analog video */
	unsigned int input;
	v4l2_std_id tvnorm;
	unsigned short _max_num_decoders;

Reported by FlawFinder.