The following issues were found
drivers/net/ethernet/micrel/ks8851_par.c
1 issues
Line: 66
CWE codes:
908
{
struct ks8851_net_par *ksp = to_ks8851_par(ks);
spin_lock_irqsave(&ksp->lock, *flags);
}
/**
* ks8851_unlock_par - register access unlock
* @ks: The chip state
Reported by Cppcheck.
drivers/net/wireless/broadcom/b43legacy/b43legacy.h
1 issues
Line: 610
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#ifdef CONFIG_B43LEGACY_HWRNG
struct hwrng rng;
u8 rng_initialized;
char rng_name[30 + 1];
#endif
/* List of all wireless devices on this chip */
struct list_head devlist;
u8 nr_devs;
Reported by FlawFinder.
drivers/net/ethernet/micrel/ks8851_common.c
1 issues
Line: 675
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (!is_valid_ether_addr(sa->sa_data))
return -EADDRNOTAVAIL;
memcpy(dev->dev_addr, sa->sa_data, ETH_ALEN);
return ks8851_write_mac_addr(dev);
}
static int ks8851_net_ioctl(struct net_device *dev, struct ifreq *req, int cmd)
{
Reported by FlawFinder.
drivers/net/wireless/broadcom/b43legacy/dma.c
1 issues
Line: 999
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
skb_put_data(bounce_skb, skb->data, skb->len);
memcpy(bounce_skb->cb, skb->cb, sizeof(skb->cb));
bounce_skb->dev = skb->dev;
skb_set_queue_mapping(bounce_skb, skb_get_queue_mapping(skb));
info = IEEE80211_SKB_CB(bounce_skb);
dev_kfree_skb_any(skb);
Reported by FlawFinder.
drivers/net/wireless/broadcom/b43legacy/leds.c
1 issues
Line: 121
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
bool activelow)
{
struct ieee80211_hw *hw = dev->wl->hw;
char name[B43legacy_LED_MAX_NAME_LEN + 1];
/* Map the b43 specific LED behaviour value to the
* generic LED triggers. */
switch (behaviour) {
case B43legacy_LED_INACTIVE:
Reported by FlawFinder.
drivers/net/wireless/broadcom/b43legacy/leds.h
1 issues
Line: 25
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
* bit is switched off. */
bool activelow;
/* The unique name string for this LED device. */
char name[B43legacy_LED_MAX_NAME_LEN + 1];
};
#define B43legacy_LED_BEHAVIOUR 0x7F
#define B43legacy_LED_ACTIVELOW 0x80
/* LED behaviour values */
Reported by FlawFinder.
drivers/net/ethernet/intel/igc/igc_dump.c
1 issues
Line: 48
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
struct net_device *dev = igc_get_hw_dev(hw);
int n = 0;
char rname[16];
u32 regs[8];
switch (reginfo->ofs) {
case IGC_RDLEN(0):
for (n = 0; n < 4; n++)
Reported by FlawFinder.
drivers/net/ethernet/mediatek/mtk_star_emac.c
1 issues
Line: 1114
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
mtk_star_update_stats(priv);
memcpy(stats, &priv->stats, sizeof(*stats));
}
static void mtk_star_set_rx_mode(struct net_device *ndev)
{
struct mtk_star_priv *priv = netdev_priv(ndev);
Reported by FlawFinder.
drivers/net/ethernet/intel/igc/igc_hw.h
1 issues
Line: 111
Column: 8
CWE codes:
120
20
struct igc_nvm_operations {
s32 (*acquire)(struct igc_hw *hw);
s32 (*read)(struct igc_hw *hw, u16 offset, u16 i, u16 *data);
void (*release)(struct igc_hw *hw);
s32 (*write)(struct igc_hw *hw, u16 offset, u16 i, u16 *data);
s32 (*update)(struct igc_hw *hw);
s32 (*validate)(struct igc_hw *hw);
};
Reported by FlawFinder.
drivers/net/ethernet/intel/igc/igc_i225.c
1 issues
Line: 325
Column: 28
CWE codes:
120
20
* the one that skips this for a while.
* We have semaphore taken already here.
*/
read_op_ptr = hw->nvm.ops.read;
hw->nvm.ops.read = igc_read_nvm_eerd;
status = igc_validate_nvm_checksum(hw);
/* Revert original read operation. */
Reported by FlawFinder.