The following issues were found
drivers/staging/rtl8188eu/hal/fw.c
1 issues
Line: 175
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return -ENOMEM;
}
memcpy(fw_data, fw->data, fw->size);
memset(fw_data + fw->size, 0, trailing_zeros_length);
pfwheader = (struct rtl92c_firmware_header *)fw_data;
if (IS_FW_HEADER_EXIST(pfwheader)) {
Reported by FlawFinder.
drivers/staging/rtl8188eu/hal/usb_halinit.c
1 issues
Line: 969
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
eeprom->mac_addr[i] = sMacAddr[i];
} else {
/* Read Permanent MAC address */
memcpy(eeprom->mac_addr, &hwinfo[EEPROM_MAC_ADDR_88EU], ETH_ALEN);
}
}
static void readAdapterInfo_8188EU(struct adapter *adapt)
{
Reported by FlawFinder.
drivers/staging/rtl8188eu/include/ieee80211.h
1 issues
Line: 216
Column: 5
CWE codes:
327
Suggestion:
Use a different algorithm, such as SHA-256, with a larger, non-repeating salt
u8 seq[8]; /* sequence counter (set: RX, get: TX) */
u16 key_len;
u8 key[0];
} crypt;
#ifdef CONFIG_88EU_AP_MODE
struct {
u16 aid;
u16 capability;
int flags;
Reported by FlawFinder.
drivers/video/fbdev/geode/lxfb_core.c
1 issues
Line: 414
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
par = info->par;
strcpy(info->fix.id, "Geode LX");
info->fix.type = FB_TYPE_PACKED_PIXELS;
info->fix.type_aux = 0;
info->fix.xpanstep = 0;
info->fix.ypanstep = 0;
Reported by FlawFinder.
drivers/staging/rtl8188eu/include/sta_info.h
1 issues
Line: 136
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned int expire_to;
unsigned int auth_seq;
unsigned int authalg;
unsigned char chg_txt[128];
u16 capability;
int flags;
int dot8021xalg;/* 0:disable, 1:psk, 2:802.1x */
Reported by FlawFinder.
drivers/staging/gdm724x/gdm_mux.c
1 issues
Line: 377
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
mux_header->payload_size = __cpu_to_le32((u32)len);
mux_header->packet_type = __cpu_to_le16(packet_type_for_tty_index[tty_index]);
memcpy(t->buf + MUX_HEADER_SIZE, data, len);
memset(t->buf + MUX_HEADER_SIZE + len, 0,
total_len - MUX_HEADER_SIZE - len);
t->len = total_len;
t->callback = cb;
Reported by FlawFinder.
drivers/staging/rtl8188eu/os_dep/osdep_service.c
1 issues
Line: 50
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
dup = rtw_malloc(src_len);
if (dup) {
dup_len = src_len;
memcpy(dup, src, dup_len);
}
keep_ori:
ori = *buf;
Reported by FlawFinder.
drivers/staging/rtl8188eu/os_dep/recv_linux.c
1 issues
Line: 56
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
ev.flags |= IW_MICFAILURE_PAIRWISE;
ev.src_addr.sa_family = ARPHRD_ETHER;
memcpy(ev.src_addr.sa_data, &pmlmepriv->assoc_bssid[0], ETH_ALEN);
memset(&wrqu, 0x00, sizeof(wrqu));
wrqu.data.length = sizeof(ev);
wireless_send_event(padapter->pnetdev, IWEVMICHAELMICFAILURE,
&wrqu, (char *)&ev);
}
Reported by FlawFinder.
drivers/video/fbdev/geode/lxfb_ops.c
1 issues
Line: 760
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
write_vp(par, VP_PDR, par->vp_pal[i]);
/* restore video coeff ram */
memcpy(par->vp_regs + VP_VCR, par->vp_coeff, sizeof(par->vp_coeff));
}
static void lx_restore_regs(struct lxfb_par *par)
{
int i;
Reported by FlawFinder.
drivers/staging/rtl8188eu/os_dep/usb_intf.c
1 issues
Line: 376
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
netif_carrier_off(pnetdev);
rtw_macaddr_cfg(padapter->eeprompriv.mac_addr);
memcpy(pnetdev->dev_addr, padapter->eeprompriv.mac_addr, ETH_ALEN);
pr_debug("MAC Address from pnetdev->dev_addr = %pM\n",
pnetdev->dev_addr);
/* step 6. Tell the network stack we exist */
err = register_netdev(pnetdev);
Reported by FlawFinder.