The following issues were found
drivers/md/persistent-data/dm-transaction-manager.c
1 issues
Line: 296
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return r;
}
memcpy(dm_block_data(*result), dm_block_data(orig_block),
dm_bm_block_size(tm->bm));
dm_bm_unlock(orig_block);
return r;
}
Reported by FlawFinder.
drivers/md/persistent-data/dm-space-map-disk.c
1 issues
Line: 192
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (max < sizeof(root_le))
return -ENOSPC;
memcpy(where_le, &root_le, sizeof(root_le));
return 0;
}
/*----------------------------------------------------------------*/
Reported by FlawFinder.
drivers/media/pci/cx18/cx18-ioctl.c
1 issues
Line: 351
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return ret;
/* Store our current v4l2 sliced VBI settings */
cx->vbi.in.type = V4L2_BUF_TYPE_SLICED_VBI_CAPTURE;
memcpy(cx->vbi.sliced_in, vbifmt, sizeof(*cx->vbi.sliced_in));
return 0;
}
#ifdef CONFIG_VIDEO_ADV_DEBUG
static int cx18_g_register(struct file *file, void *fh,
Reported by FlawFinder.
drivers/mtd/nand/raw/atmel/nand-controller.c
1 issues
Line: 696
NAND_OP_PARSER_PATTERN(atmel_hsmc_exec_rw,
NAND_OP_PARSER_PAT_DATA_OUT_ELEM(false, 0)),
NAND_OP_PARSER_PATTERN(atmel_hsmc_exec_waitrdy,
NAND_OP_PARSER_PAT_WAITRDY_ELEM(false)),
);
static int atmel_hsmc_nand_exec_op(struct atmel_nand *nand,
const struct nand_operation *op,
bool check_only)
Reported by Cppcheck.
drivers/mtd/nand/raw/fsmc_nand.c
1 issues
Line: 732
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
j += len;
}
memcpy(&ecc_code[i], oob, chip->ecc.bytes);
chip->ecc.calculate(chip, p, &ecc_calc[i]);
stat = chip->ecc.correct(chip, p, &ecc_code[i], &ecc_calc[i]);
if (stat < 0) {
mtd->ecc_stats.failed++;
Reported by FlawFinder.
drivers/mtd/nand/raw/gpio.c
1 issues
Line: 251
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return ret;
if (dev_get_platdata(dev)) {
memcpy(plat, dev_get_platdata(dev), sizeof(*plat));
return 0;
}
return -EINVAL;
}
Reported by FlawFinder.
drivers/media/pci/cobalt/cobalt-driver.h
1 issues
Line: 286
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int first_fifo_channel;
bool pci_32_bit;
char hdl_info[COBALT_HDL_INFO_SIZE];
/* NOR flash */
struct mtd_info *mtd;
};
Reported by FlawFinder.
drivers/media/pci/bt8xx/dvb-bt8xx.h
1 issues
Line: 32
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct dvb_bt8xx_card {
struct mutex lock;
int nfeeds;
char card_name[32];
struct dvb_adapter dvb_adapter;
struct bt878 *bt;
unsigned int bttv_nr;
struct dvb_demux demux;
struct dmxdev dmxdev;
Reported by FlawFinder.
drivers/media/pci/bt8xx/dst_common.h
1 issues
Line: 129
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
u32 tuner_type;
char *tuner_name;
struct mutex dst_mutex;
char fw_name[8];
struct dvb_device *dst_ca;
};
struct tuner_types {
u32 tuner_type;
Reported by FlawFinder.
drivers/mtd/nand/raw/mtk_ecc.c
1 issues
Line: 415
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
round_up(len, 4));
/* copy into possibly unaligned OOB region with actual length */
memcpy(data + bytes, ecc->eccdata, len);
timeout:
dma_unmap_single(ecc->dev, addr, bytes, DMA_TO_DEVICE);
mtk_ecc_disable(ecc);
Reported by FlawFinder.