Line: 185 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	priv->i2c_address = addr;
	priv->i2c = i2c;

	memcpy(&fe->ops.tuner_ops, &tua6100_tuner_ops, sizeof(struct dvb_tuner_ops));
	fe->tuner_priv = priv;
	return fe;
}
EXPORT_SYMBOL(tua6100_attach);


            

Line: 683 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	dev_info(&client->dev,
		 "Montage Technology %s successfully identified\n", chip_str);

	memcpy(&fe->ops.tuner_ops, &ts2020_tuner_ops,
			sizeof(struct dvb_tuner_ops));
	if (!pdata->attach_in_use)
		fe->ops.tuner_ops.release = NULL;

	i2c_set_clientdata(client, dev);

            

Line: 161 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	priv->i2c = i2c;
	priv->has_loopthrough = has_loopthrough;

	memcpy(&fe->ops.tuner_ops, &tda826x_tuner_ops, sizeof(struct dvb_tuner_ops));

	fe->tuner_priv = priv;

	return fe;
}

            

Line: 99 Column: 11 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              };

struct cxgbi_tag_format {
	unsigned char pgsz_order[DDP_PGIDX_MAX];
	unsigned char pgsz_idx_dflt;
	unsigned char free_bits:4;
	unsigned char color_bits:4;
	unsigned char idx_bits;
	unsigned char rsvd_bits;

            

Line: 431 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	if ((tda8083_readreg(state, 0x00)) != 0x05) goto error;

	/* create dvb_frontend */
	memcpy(&state->frontend.ops, &tda8083_ops, sizeof(struct dvb_frontend_ops));
	state->frontend.demodulator_priv = state;
	return &state->frontend;

error:
	kfree(state);

            

Line: 538 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	int actual_length;

	/* Copy payload */
	memcpy(&dev->tx_msg_buffer[CPC_HEADER_SIZE], msg,
	       msg->length + CPC_MSG_HEADER_LEN);

	/* Clear header */
	memset(&dev->tx_msg_buffer[0], 0, CPC_HEADER_SIZE);


            

Line: 1202 Column: 4 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	    likely(boot_cpu_data.x86_clflush_size == 64) &&
	    likely(size >= 768)) {
		do {
			memcpy((void *)dest, (void *)source, 64);
			clflushopt((void *)dest);
			dest += 64;
			source += 64;
			size -= 64;
		} while (size >= 64);

            

Line: 382 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	tx_can_msg->channel_no = priv->channel_idx + ES581_4_CHANNEL_IDX_OFFSET;
	tx_can_msg->dlc = can_get_cc_dlc(cf, priv->can.ctrlmode);

	memcpy(tx_can_msg->data, cf->data, cf->len);

	/* Calculate new sizes. */
	es581_4_urb_cmd->bulk_tx_can_msg.num_can_msg++;
	msg_len += es581_4_sizeof_rx_tx_msg(*tx_can_msg);
	priv->tx_urb->transfer_buffer_length = es58x_get_urb_cmd_len(es58x_dev,

            

Line: 749 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	if (dev == NULL)
		return NULL;

	memcpy(dev->dev_addr, data->dev_addr, ETH_ALEN);

	dev->ethtool_ops = &ep93xx_ethtool_ops;
	dev->netdev_ops = &ep93xx_netdev_ops;

	dev->features |= NETIF_F_SG | NETIF_F_HW_CSUM;

            

Line: 544 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	if (!is_valid_ether_addr(saddr->sa_data))
		return -EADDRNOTAVAIL;

	memcpy(dev->dev_addr, saddr->sa_data, ETH_ALEN);
	netdev_info(dev, "Setting MAC address to %pM\n", dev->dev_addr);

	/* set the Ethernet address */
	for (i=0; i < ETH_ALEN/2; i++)
		writereg(dev, PP_IA+i*2, dev->dev_addr[i*2] | (dev->dev_addr[i*2+1] << 8));