Line: 178 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	pre_act->group_id = cpu_to_be16(group->group_id);
	temp_vers = cpu_to_be32(priv->nfp_lag.batch_ver <<
				NFP_FL_PRE_LAG_VER_OFF);
	memcpy(pre_act->lag_version, &temp_vers, 3);
	pre_act->instance = group->group_inst;
	mutex_unlock(&priv->nfp_lag.lock);

	return 0;
}

            

Line: 345 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	if (err)
		goto out;

	memcpy(in, out, sz);
	MLX5_SET(pptb_reg, in, local_port, 1);

	/* Update the pm and prio_x_buff */
	MLX5_SET(pptb_reg, in, pm, 0xFF);


            

Line: 49 Column: 20 CWE codes: 134
Suggestion: Use a constant for the format specification

              	    TP_fast_assign(
		    __assign_str(device, wiphy_name(wiphy));
		    __assign_str(driver, KBUILD_MODNAME);
		    WARN_ON_ONCE(vsnprintf(__get_dynamic_array(msg),
					   ATH_DBG_MAX_LEN,
					   vaf->fmt,
					   *vaf->va) >= ATH_DBG_MAX_LEN);
	    ),


            

Line: 441 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              nfp_bpf_perf_event_copy(void *dst, const void *src,
			unsigned long off, unsigned long len)
{
	memcpy(dst, src + off, len);
	return 0;
}

int nfp_bpf_event_output(struct nfp_app_bpf *bpf, const void *data,
			 unsigned int len)

            

Line: 768 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	ctl_bd->skb = NULL;

	/* write buffer descriptor */
	memcpy(ctl_bd->bd_cpu_addr, bd, sizeof(*bd));

	/* Set source address of the BD we send */
	desc_bd->src_addr_l = ctl_bd->bd_phy_addr;
	desc_bd->dst_addr_l = ch->dxe_wq;
	desc_bd->fr_len = sizeof(struct wcn36xx_tx_bd);

            

Line: 67 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              struct hclge_misc_vector {
	u8 __iomem *addr;
	int vector_irq;
	char name[HNAE3_INT_NAME_LEN];
};

struct hclge_cmq {
	struct hclge_cmq_ring csq;
	struct hclge_cmq_ring crq;

            

Line: 230 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	 * bounce buffer to hw mbox memory.
	 */
	if (mdev->mbase != hw_mbase)
		memcpy(hw_mbase + mbox->tx_start + msgs_offset,
		       mdev->mbase + mbox->tx_start + msgs_offset,
		       mdev->msg_size);

	spin_lock(&mdev->mbox_lock);


            

Line: 290 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              		status.rate_idx = 0;
	}

	memcpy(IEEE80211_SKB_RXCB(skb), &status, sizeof(status));

	if (ieee80211_is_beacon(hdr->frame_control)) {
		wcn36xx_dbg(WCN36XX_DBG_BEACON, "beacon skb %p len %d fc %04x sn %d\n",
			    skb, skb->len, fc, sn);
		wcn36xx_dbg_dump(WCN36XX_DBG_BEACON_DUMP, "SKB <<< ",

            

Line: 549 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	u16 num_tqps;	/* total number of tqps in TQP vector */
	struct irq_affinity_notify affinity_notify;

	char name[HNAE3_INT_NAME_LEN];

	u64 event_cnt;
} ____cacheline_internodealigned_in_smp;

struct hns3_nic_priv {

            

Line: 4462 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              		return;

	nfp_prog->__prog_alloc_len = nfp_prog->prog_len * sizeof(u64);
	memcpy(prog, nfp_prog->prog, nfp_prog->__prog_alloc_len);
	kvfree(nfp_prog->prog);
	nfp_prog->prog = prog;
}

int nfp_bpf_jit(struct nfp_prog *nfp_prog)