The following issues were found
drivers/net/ethernet/marvell/octeontx2/nic/otx2_txrx.c
1 issues
Line: 460
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
dma_wmb();
do {
memcpy(sq->lmt_addr, sq->sqe_base, size);
status = otx2_lmt_flush(sq->io_addr);
} while (status == 0);
sq->head++;
sq->head &= (sq->sqe_cnt - 1);
Reported by FlawFinder.
drivers/net/wireless/ath/ath6kl/core.c
1 issues
Line: 324
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
skb_queue_head_init(&ar->mcastpsq);
memcpy(ar->ap_country_code, DEF_AP_COUNTRY_CODE, 3);
return ar;
}
EXPORT_SYMBOL(ath6kl_core_create);
Reported by FlawFinder.
drivers/net/wireless/ath/ath6kl/core.h
1 issues
Line: 567
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#define ATH6K_MAX_MC_FILTERS_PER_LIST 7
struct ath6kl_mc_filter {
struct list_head list;
char hw_addr[ATH6KL_MCAST_FILTER_MAC_ADDR_SIZE];
};
struct ath6kl_htcap {
bool ht_enable;
u8 ampdu_factor;
Reported by FlawFinder.
drivers/net/ethernet/intel/ice/ice_ptp.c
1 issues
Line: 680
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* Store the value if requested */
if (store) {
memcpy(&pf->ptp.perout_channels[chan], config,
sizeof(struct ice_perout_channel));
pf->ptp.perout_channels[chan].start_time = phase;
}
return 0;
Reported by FlawFinder.
drivers/net/ethernet/huawei/hinic/hinic_debugfs.h
1 issues
Line: 29
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned int lt_index;
unsigned int offset;
unsigned int len;
unsigned char data[100];
};
struct tag_sml_funcfg_tbl {
union {
struct {
Reported by FlawFinder.
drivers/net/wireless/ath/ath6kl/hif.h
1 issues
drivers/net/ethernet/qlogic/qed/qed_init_ops.c
1 issues
Line: 559
Column: 41
CWE codes:
120
20
b_dmae);
break;
case INIT_OP_READ:
qed_init_cmd_rd(p_hwfn, p_ptt, &cmd->read);
break;
case INIT_OP_IF_MODE:
cmd_num += qed_init_cmd_mode(p_hwfn, &cmd->if_mode,
modes);
break;
Reported by FlawFinder.
drivers/net/wireless/ath/ath6kl/htc_pipe.c
1 issues
Line: 1047
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
target->pipe.ctrl_response_valid = true;
target->pipe.ctrl_response_len = min_t(int, netlen,
HTC_MAX_CTRL_MSG_LEN);
memcpy(target->pipe.ctrl_response_buf, netdata,
target->pipe.ctrl_response_len);
spin_unlock_bh(&target->rx_lock);
dev_kfree_skb(skb);
Reported by FlawFinder.
drivers/net/ethernet/qlogic/qed/qed_init_fw_funcs.c
1 issues
Line: 1639
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
buf_offset += OVERLAY_HDR_SIZE_DWORDS;
/* Copy Storm's overlays buffer to allocated memory */
memcpy(storm_mem_desc->virt_addr,
&fw_overlay_in_buf[buf_offset], storm_mem_desc->size);
/* Advance to next Storm */
buf_offset += storm_buf_size;
}
Reported by FlawFinder.
drivers/net/ethernet/qlogic/qed/qed_hsi.h
1 issues
Line: 2967
Column: 25
CWE codes:
120
20
union init_op {
struct init_raw_op raw;
struct init_write_op write;
struct init_read_op read;
struct init_if_mode_op if_mode;
struct init_if_phase_op if_phase;
struct init_callback_op callback;
struct init_delay_op delay;
};
Reported by FlawFinder.