The following issues were found
drivers/thermal/rockchip_thermal.c
1 issues
Line: 928
}
static const struct rockchip_tsadc_chip px30_tsadc_data = {
.chn_id[SENSOR_CPU] = 0, /* cpu sensor is channel 0 */
.chn_id[SENSOR_GPU] = 1, /* gpu sensor is channel 1 */
.chn_num = 2, /* 2 channels for tsadc */
.tshut_mode = TSHUT_MODE_CRU, /* default TSHUT via CRU */
.tshut_temp = 95000,
Reported by Cppcheck.
drivers/thermal/sprd_thermal.c
1 issues
Line: 142
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return -EINVAL;
}
memcpy(val, buf, len);
kfree(buf);
return 0;
}
Reported by FlawFinder.
drivers/soc/qcom/wcnss_ctrl.c
1 issues
Line: 239
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
req->hdr.len = sizeof(*req) + left;
}
memcpy(req->fragment, data, req->frag_size);
ret = rpmsg_send(wcnss->channel, req, req->hdr.len);
if (ret < 0) {
dev_err(dev, "failed to send smd packet\n");
goto release_fw;
Reported by FlawFinder.
drivers/thunderbolt/debugfs.c
1 issues
Line: 675
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
tb_switch_for_each_port(sw, port) {
struct dentry *debugfs_dir;
char dir_name[10];
if (port->disabled)
continue;
if (port->config.type == TB_TYPE_INACTIVE)
continue;
Reported by FlawFinder.
drivers/soc/qcom/smsm.c
1 issues
Line: 346
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct device_node *syscon;
struct device_node *node = smsm->dev->of_node;
struct smsm_host *host = &smsm->hosts[host_id];
char key[16];
int ret;
snprintf(key, sizeof(key), "qcom,ipc-%d", host_id);
syscon = of_parse_phandle(node, key, 0);
if (!syscon)
Reported by FlawFinder.
drivers/soc/qcom/rpmh.c
1 issues
Line: 209
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (!cmd || !n || n > MAX_RPMH_PAYLOAD)
return -EINVAL;
memcpy(req->cmd, cmd, n * sizeof(*cmd));
req->msg.state = state;
req->msg.cmds = req->cmd;
req->msg.num_cmds = n;
Reported by FlawFinder.
drivers/soc/qcom/rpmh-rsc.c
1 issues
Line: 914
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct device_node *dn = pdev->dev.of_node;
struct rsc_drv *drv;
struct resource *res;
char drv_id[10] = {0};
int ret, irq;
u32 solver_config;
void __iomem *base;
/*
Reported by FlawFinder.
drivers/tty/goldfish.c
1 issues
Line: 395
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
goto err_tty_register_device_failed;
}
strcpy(qtty->console.name, "ttyGF");
qtty->console.write = goldfish_tty_console_write;
qtty->console.device = goldfish_tty_console_device;
qtty->console.setup = goldfish_tty_console_setup;
qtty->console.flags = CON_PRINTBUFFER;
qtty->console.index = line;
Reported by FlawFinder.
drivers/scsi/mesh.c
1 issues
Line: 1307
Column: 10
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
if (dtot == 0) {
/* Either the target has overrun our buffer,
or the caller didn't provide a buffer. */
static char mesh_extra_buf[64];
dtot = sizeof(mesh_extra_buf);
dcmds->req_count = cpu_to_le16(dtot);
dcmds->phy_addr = cpu_to_le32(virt_to_phys(mesh_extra_buf));
dcmds->xfer_status = 0;
Reported by FlawFinder.
drivers/soc/qcom/cpr.c
1 issues
Line: 1273
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
return ERR_PTR(-ENOMEM);
for (i = 0; i < desc->num_fuse_corners; i++) {
char tbuf[32];
snprintf(tbuf, 32, "cpr_ring_osc%d", i + 1);
fuses[i].ring_osc = devm_kstrdup(drv->dev, tbuf, GFP_KERNEL);
if (!fuses[i].ring_osc)
return ERR_PTR(-ENOMEM);
Reported by FlawFinder.