The following issues were found
drivers/video/fbdev/cg6.c
1 issues
Line: 641
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
cg6_card_name = "GX+";
}
sprintf(info->fix.id, "%s %s", cg6_card_name, cg6_cpu_name);
info->fix.id[sizeof(info->fix.id) - 1] = 0;
info->fix.type = FB_TYPE_PACKED_PIXELS;
info->fix.visual = FB_VISUAL_PSEUDOCOLOR;
Reported by FlawFinder.
drivers/video/fbdev/controlfb.c
1 issues
Line: 792
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
fb_alloc_cmap(&info->cmap, 256, 0);
/* Fill fix common fields */
strcpy(info->fix.id, "control");
info->fix.mmio_start = p->control_regs_phys;
info->fix.mmio_len = sizeof(struct control_regs);
info->fix.type = FB_TYPE_PACKED_PIXELS;
info->fix.smem_start = p->frame_buffer_phys + CTRLFB_OFF;
info->fix.smem_len = p->total_vram - CTRLFB_OFF;
Reported by FlawFinder.
drivers/scsi/ncr53c8xx.h
1 issues
Line: 531
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
u8 host_id;
u16 iarb;
u32 excludes[SCSI_NCR_MAX_EXCLUDES];
char tag_ctrl[100];
};
/*
** Initial setup.
** Can be overridden at startup by a command line.
Reported by FlawFinder.
drivers/scsi/mvumi.h
1 issues
Line: 151
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct mvumi_event_req {
unsigned char count;
unsigned char reserved[3];
struct mvumi_driver_event events[MAX_EVENTS_RETURNED];
};
struct mvumi_events_wq {
struct work_struct work_q;
Reported by FlawFinder.
drivers/video/fbdev/core/fbmem.c
1 issues
Line: 1188
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#ifdef CONFIG_COMPAT
struct fb_fix_screeninfo32 {
char id[16];
compat_caddr_t smem_start;
u32 smem_len;
u32 type;
u32 type_aux;
u32 visual;
Reported by FlawFinder.
drivers/video/fbdev/core/fbmon.c
1 issues
Line: 215
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
switch (fix) {
case FBMON_FIX_HEADER:
printk("fbmon: trying a header reconstruct\n");
memcpy(edid, edid_v1_header, 8);
break;
case FBMON_FIX_INPUT:
printk("fbmon: trying to fix input type\n");
b = edid + EDID_STRUCT_DISPLAY;
b[0] &= ~0x80;
Reported by FlawFinder.
drivers/video/fbdev/core/fbsysfs.c
1 issues
Line: 129
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
const char *buf, size_t count)
{
struct fb_info *fb_info = dev_get_drvdata(device);
char mstr[100];
struct fb_var_screeninfo var;
struct fb_modelist *modelist;
struct fb_videomode *mode;
struct list_head *pos;
size_t i;
Reported by FlawFinder.
drivers/video/fbdev/core/softcursor.c
1 issues
Line: 70
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
break;
}
} else
memcpy(src, image->data, dsize);
fb_pad_aligned_buffer(dst, d_pitch, src, s_pitch, image->height);
image->data = dst;
info->fbops->fb_imageblit(info, image);
return 0;
Reported by FlawFinder.
drivers/video/fbdev/da8xx-fb.c
1 issues
Line: 1228
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (fb_check_var(&new_var, fbi))
ret = -EINVAL;
else {
memcpy(&fbi->var, &new_var, sizeof(new_var));
start = fix->smem_start +
new_var.yoffset * fix->line_length +
new_var.xoffset * fbi->var.bits_per_pixel / 8;
end = start + fbi->var.yres * fix->line_length - 1;
Reported by FlawFinder.
drivers/video/fbdev/efifb.c
1 issues
Line: 314
Column: 9
CWE codes:
134
Suggestion:
Make format string constant
struct device_attribute *attr, \
char *buf) \
{ \
return sprintf(buf, fmt "\n", (screen_info.lfb_##name)); \
} \
static DEVICE_ATTR_RO(name)
efifb_attr_decl(base, "0x%x");
efifb_attr_decl(linelength, "%u");
Reported by FlawFinder.