The following issues were found
drivers/usb/c67x00/c67x00-hcd.c
1 issues
Line: 216
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
case GetHubDescriptor:
len = min_t(unsigned int, sizeof(c67x00_hub_des), wLength);
memcpy(buf, c67x00_hub_des, len);
break;
default:
dev_dbg(c67x00_hcd_dev(c67x00), "%s: unknown\n", __func__);
return -EPIPE;
Reported by FlawFinder.
drivers/usb/cdns3/cdns3-ep0.c
1 issues
Line: 878
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
int cdns3_init_ep0(struct cdns3_device *priv_dev,
struct cdns3_endpoint *priv_ep)
{
sprintf(priv_ep->name, "ep0");
/* fill linux fields */
priv_ep->endpoint.ops = &cdns3_gadget_ep0_ops;
priv_ep->endpoint.maxburst = 1;
usb_ep_set_maxpacket_limit(&priv_ep->endpoint,
Reported by FlawFinder.
drivers/usb/cdns3/cdns3-gadget.h
1 issues
Line: 1146
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
dma_addr_t trb_pool_dma;
struct cdns3_device *cdns3_dev;
char name[20];
#define EP_ENABLED BIT(0)
#define EP_STALLED BIT(1)
#define EP_STALL_PENDING BIT(2)
#define EP_WEDGE BIT(3)
Reported by FlawFinder.
drivers/usb/cdns3/cdnsp-gadget.h
1 issues
Line: 822
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
u8 number;
u8 idx;
u32 interval;
char name[20];
u8 direction;
u8 buffering;
u8 buffering_period;
struct cdnsp_ep_ctx *in_ctx;
struct cdnsp_ep_ctx *out_ctx;
Reported by FlawFinder.
drivers/usb/chipidea/ci.h
1 issues
Line: 92
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
u8 dir;
u8 num;
u8 type;
char name[16];
struct {
struct list_head queue;
struct ci_hw_qh *ptr;
dma_addr_t dma;
} qh;
Reported by FlawFinder.
drivers/usb/chipidea/trace.h
1 issues
Line: 35
Column: 3
CWE codes:
134
Suggestion:
Use a constant for the format specification
),
TP_fast_assign(
__assign_str(name, dev_name(ci->dev));
vsnprintf(__get_str(msg), CHIPIDEA_MSG_MAX, vaf->fmt, *vaf->va);
),
TP_printk("%s: %s", __get_str(name), __get_str(msg))
);
DECLARE_EVENT_CLASS(ci_log_trb,
Reported by FlawFinder.
drivers/usb/class/usblp.c
1 issues
Line: 1114
Column: 9
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
usblp->device_id_string[1] == 0)
return 0;
return sprintf(buf, "%s", usblp->device_id_string+2);
}
static DEVICE_ATTR_RO(ieee1284_id);
static struct attribute *usblp_attrs[] = {
Reported by FlawFinder.
drivers/usb/class/usbtmc.c
1 issues
Line: 1860
Column: 9
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
struct usb_interface *intf = to_usb_interface(dev); \
struct usbtmc_device_data *data = usb_get_intfdata(intf); \
\
return sprintf(buf, "%d\n", data->capabilities.name); \
} \
static DEVICE_ATTR_RO(name)
capability_attribute(interface_capabilities);
capability_attribute(device_capabilities);
Reported by FlawFinder.
drivers/usb/core/buffer.c
1 issues
Line: 67
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
*/
int hcd_buffer_create(struct usb_hcd *hcd)
{
char name[16];
int i, size;
if (hcd->localmem_pool || !hcd_uses_dma(hcd))
return 0;
Reported by FlawFinder.
drivers/video/fbdev/mx3fb.c
1 issues
Line: 742
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
struct fb_fix_screeninfo *fix = &fbi->fix;
struct fb_var_screeninfo *var = &fbi->var;
memcpy(fix->id, "DISP3 BG", 8);
fix->line_length = var->xres_virtual * var->bits_per_pixel / 8;
fix->type = FB_TYPE_PACKED_PIXELS;
fix->accel = FB_ACCEL_NONE;
Reported by FlawFinder.