The following issues were found
scripts/kconfig/expr.c
7 issues
Line: 74
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return NULL;
e = xmalloc(sizeof(*org));
memcpy(e, org, sizeof(*org));
switch (org->type) {
case E_SYMBOL:
e->left = org->left;
break;
case E_NOT:
Reported by FlawFinder.
Line: 1220
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
break;
default:
{
char buf[32];
sprintf(buf, "<unknown type %d>", e->type);
fn(data, NULL, buf);
break;
}
}
Reported by FlawFinder.
Line: 1221
Column: 3
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
default:
{
char buf[32];
sprintf(buf, "<unknown type %d>", e->type);
fn(data, NULL, buf);
break;
}
}
if (expr_compare_type(prevtoken, e->type) > 0)
Reported by FlawFinder.
Line: 1232
Column: 15
CWE codes:
126
static void expr_print_file_helper(void *data, struct symbol *sym, const char *str)
{
xfwrite(str, strlen(str), 1, data);
}
void expr_fprint(struct expr *e, FILE *out)
{
expr_print(e, expr_print_file_helper, out, E_NONE);
Reported by FlawFinder.
Line: 1249
Column: 27
CWE codes:
126
sym_str = sym_get_string_value(sym);
if (gs->max_width) {
unsigned extra_length = strlen(str);
const char *last_cr = strrchr(gs->s, '\n');
unsigned last_line_length;
if (sym_str)
extra_length += 4 + strlen(sym_str);
Reported by FlawFinder.
Line: 1254
Column: 24
CWE codes:
126
unsigned last_line_length;
if (sym_str)
extra_length += 4 + strlen(sym_str);
if (!last_cr)
last_cr = gs->s;
last_line_length = strlen(gs->s) - (last_cr - gs->s);
Reported by FlawFinder.
Line: 1259
Column: 22
CWE codes:
126
if (!last_cr)
last_cr = gs->s;
last_line_length = strlen(gs->s) - (last_cr - gs->s);
if ((last_line_length + extra_length) > gs->max_width)
str_append(gs, "\\\n");
}
Reported by FlawFinder.
sound/usb/card.c
7 issues
Line: 63
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
MODULE_LICENSE("GPL");
static int index[SNDRV_CARDS] = SNDRV_DEFAULT_IDX; /* Index 0-MAX */
static char *id[SNDRV_CARDS] = SNDRV_DEFAULT_STR; /* ID for this card */
static bool enable[SNDRV_CARDS] = SNDRV_DEFAULT_ENABLE_PNP;/* Enable this card */
/* Vendor/product IDs for this card */
static int vid[SNDRV_CARDS] = { [0 ... (SNDRV_CARDS-1)] = -1 };
static int pid[SNDRV_CARDS] = { [0 ... (SNDRV_CARDS-1)] = -1 };
static int device_setup[SNDRV_CARDS]; /* device parameter for this card */
Reported by FlawFinder.
Line: 71
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static int device_setup[SNDRV_CARDS]; /* device parameter for this card */
static bool ignore_ctl_error;
static bool autoclock = true;
static char *quirk_alias[SNDRV_CARDS];
static char *delayed_register[SNDRV_CARDS];
static bool implicit_fb[SNDRV_CARDS];
bool snd_usb_use_vmalloc = true;
bool snd_usb_skip_validation;
Reported by FlawFinder.
Line: 72
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static bool ignore_ctl_error;
static bool autoclock = true;
static char *quirk_alias[SNDRV_CARDS];
static char *delayed_register[SNDRV_CARDS];
static bool implicit_fb[SNDRV_CARDS];
bool snd_usb_use_vmalloc = true;
bool snd_usb_skip_validation;
Reported by FlawFinder.
Line: 482
Column: 3
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
usb_string(dev, dev->descriptor.iProduct,
card->shortname, sizeof(card->shortname)) <= 0) {
/* no name available from anywhere, so use ID */
sprintf(card->shortname, "USB Device %#04x:%#04x",
USB_ID_VENDOR(chip->usb_id),
USB_ID_PRODUCT(chip->usb_id));
}
strim(card->shortname);
Reported by FlawFinder.
Line: 569
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct snd_card *card;
struct snd_usb_audio *chip;
int err;
char component[14];
*rchip = NULL;
switch (snd_usb_get_speed(dev)) {
case USB_SPEED_LOW:
Reported by FlawFinder.
Line: 615
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
card->private_free = snd_usb_audio_free;
strcpy(card->driver, "USB-Audio");
sprintf(component, "USB%04x:%04x",
USB_ID_VENDOR(chip->usb_id), USB_ID_PRODUCT(chip->usb_id));
snd_component_add(card, component);
usb_audio_make_shortname(dev, chip, quirk);
Reported by FlawFinder.
Line: 616
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
card->private_free = snd_usb_audio_free;
strcpy(card->driver, "USB-Audio");
sprintf(component, "USB%04x:%04x",
USB_ID_VENDOR(chip->usb_id), USB_ID_PRODUCT(chip->usb_id));
snd_component_add(card, component);
usb_audio_make_shortname(dev, chip, quirk);
usb_audio_make_longname(dev, chip, quirk);
Reported by FlawFinder.
scripts/sign-file.c
7 issues
Line: 127
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
if (pwlen >= len)
return -1;
strcpy(buf, key_pass);
/* If it's wrong, don't keep trying it. */
key_pass = NULL;
return pwlen;
Reported by FlawFinder.
Line: 236
Column: 13
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
ERR_load_crypto_strings();
ERR_clear_error();
key_pass = getenv("KBUILD_SIGN_PIN");
#ifndef USE_PKCS7
use_signed_attrs = CMS_NOATTR;
#else
use_signed_attrs = PKCS7_NOATTR;
Reported by FlawFinder.
Line: 245
Column: 9
CWE codes:
120
20
Suggestion:
Check implementation on installation, or limit the size of all string inputs
#endif
do {
opt = getopt(argc, argv, "sdpk");
switch (opt) {
case 's': raw_sig = true; break;
case 'p': save_sig = true; break;
case 'd': sign_only = true; save_sig = true; break;
#ifndef USE_PKCS7
Reported by FlawFinder.
Line: 82
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static void display_openssl_errors(int l)
{
const char *file;
char buf[120];
int e, line;
if (ERR_peek_error() == 0)
return;
fprintf(stderr, "At main.c:%d:\n", l);
Reported by FlawFinder.
Line: 172
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static X509 *read_x509(const char *x509_name)
{
unsigned char buf[2];
X509 *x509;
BIO *b;
int n;
b = BIO_new_file(x509_name, "rb");
Reported by FlawFinder.
Line: 218
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
bool save_sig = false, replace_orig;
bool sign_only = false;
bool raw_sig = false;
unsigned char buf[4096];
unsigned long module_size, sig_size;
unsigned int use_signed_attrs;
const EVP_MD *digest_algo;
EVP_PKEY *private_key;
#ifndef USE_PKCS7
Reported by FlawFinder.
Line: 123
Column: 10
CWE codes:
126
if (!key_pass)
return -1;
pwlen = strlen(key_pass);
if (pwlen >= len)
return -1;
strcpy(buf, key_pass);
Reported by FlawFinder.
net/sunrpc/addr.c
7 issues
Line: 92
Column: 2
CWE codes:
120
Suggestion:
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused)
if (unlikely(len >= buflen))
return 0;
strcat(buf, scopebuf);
return len;
}
#else /* !IS_ENABLED(CONFIG_IPV6) */
Reported by FlawFinder.
Line: 70
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
char *buf, const size_t buflen)
{
const struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sap;
char scopebuf[IPV6_SCOPE_ID_LEN];
size_t len;
int rc;
len = rpc_ntop6_noscopeid(sap, buf, buflen);
if (unlikely(len == 0))
Reported by FlawFinder.
Line: 271
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
*/
char *rpc_sockaddr2uaddr(const struct sockaddr *sap, gfp_t gfp_flags)
{
char portbuf[RPCBIND_MAXUADDRPLEN];
char addrbuf[RPCBIND_MAXUADDRLEN];
unsigned short port;
switch (sap->sa_family) {
case AF_INET:
Reported by FlawFinder.
Line: 272
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
char *rpc_sockaddr2uaddr(const struct sockaddr *sap, gfp_t gfp_flags)
{
char portbuf[RPCBIND_MAXUADDRPLEN];
char addrbuf[RPCBIND_MAXUADDRLEN];
unsigned short port;
switch (sap->sa_family) {
case AF_INET:
if (rpc_ntop4(sap, addrbuf, sizeof(addrbuf)) == 0)
Reported by FlawFinder.
Line: 318
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
const size_t uaddr_len, struct sockaddr *sap,
const size_t salen)
{
char *c, buf[RPCBIND_MAXUADDRLEN + sizeof('\0')];
u8 portlo, porthi;
unsigned short port;
if (uaddr_len > RPCBIND_MAXUADDRLEN)
return 0;
Reported by FlawFinder.
Line: 325
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (uaddr_len > RPCBIND_MAXUADDRLEN)
return 0;
memcpy(buf, uaddr, uaddr_len);
buf[uaddr_len] = '\0';
c = strrchr(buf, '.');
if (unlikely(c == NULL))
return 0;
Reported by FlawFinder.
Line: 344
Column: 25
CWE codes:
126
port = (unsigned short)((porthi << 8) | portlo);
*c = '\0';
if (rpc_pton(net, buf, strlen(buf), sap, salen) == 0)
return 0;
switch (sap->sa_family) {
case AF_INET:
((struct sockaddr_in *)sap)->sin_port = htons(port);
Reported by FlawFinder.
sound/pci/sonicvibes.c
7 issues
Line: 1463
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
strcpy(card->driver, "SonicVibes");
strcpy(card->shortname, "S3 SonicVibes");
sprintf(card->longname, "%s rev %i at 0x%llx, irq %i",
card->shortname,
sonic->revision,
(unsigned long long)pci_resource_start(pci, 1),
sonic->irq);
Reported by FlawFinder.
Line: 38
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#endif
static int index[SNDRV_CARDS] = SNDRV_DEFAULT_IDX; /* Index 0-MAX */
static char *id[SNDRV_CARDS] = SNDRV_DEFAULT_STR; /* ID for this card */
static bool enable[SNDRV_CARDS] = SNDRV_DEFAULT_ENABLE_PNP; /* Enable this card */
static bool reverb[SNDRV_CARDS];
static bool mge[SNDRV_CARDS];
static unsigned int dmaio = 0x7a00; /* DDMA i/o address */
Reported by FlawFinder.
Line: 866
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
pcm->private_data = sonic;
pcm->info_flags = 0;
strcpy(pcm->name, "S3 SonicVibes");
sonic->pcm = pcm;
snd_pcm_set_managed_buffer_all(pcm, SNDRV_DMA_TYPE_DEV,
&sonic->pci->dev, 64*1024, 128*1024);
Reported by FlawFinder.
Line: 886
Column: 15
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static int snd_sonicvibes_info_mux(struct snd_kcontrol *kcontrol, struct snd_ctl_elem_info *uinfo)
{
static const char * const texts[7] = {
"CD", "PCM", "Aux1", "Line", "Aux0", "Mic", "Mix"
};
return snd_ctl_enum_info(uinfo, 2, 7, texts);
}
Reported by FlawFinder.
Line: 1094
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
if (snd_BUG_ON(!sonic || !sonic->card))
return -EINVAL;
card = sonic->card;
strcpy(card->mixername, "S3 SonicVibes");
for (idx = 0; idx < ARRAY_SIZE(snd_sonicvibes_controls); idx++) {
kctl = snd_ctl_new1(&snd_sonicvibes_controls[idx], sonic);
err = snd_ctl_add(card, kctl);
if (err < 0)
Reported by FlawFinder.
Line: 1461
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
return err;
}
strcpy(card->driver, "SonicVibes");
strcpy(card->shortname, "S3 SonicVibes");
sprintf(card->longname, "%s rev %i at 0x%llx, irq %i",
card->shortname,
sonic->revision,
(unsigned long long)pci_resource_start(pci, 1),
Reported by FlawFinder.
Line: 1462
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
}
strcpy(card->driver, "SonicVibes");
strcpy(card->shortname, "S3 SonicVibes");
sprintf(card->longname, "%s rev %i at 0x%llx, irq %i",
card->shortname,
sonic->revision,
(unsigned long long)pci_resource_start(pci, 1),
sonic->irq);
Reported by FlawFinder.
net/vmw_vsock/af_vsock.c
7 issues
Line: 942
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
* value here.
*/
BUILD_BUG_ON(sizeof(*vm_addr) > 128);
memcpy(addr, vm_addr, sizeof(*vm_addr));
err = sizeof(*vm_addr);
out:
release_sock(sk);
return err;
Reported by FlawFinder.
Line: 1989
Column: 58
CWE codes:
120
20
copied += read;
err = transport->notify_recv_post_dequeue(vsk, target, read,
!(flags & MSG_PEEK), &recv_data);
if (err < 0)
goto out;
if (read >= target || flags & MSG_PEEK)
Reported by FlawFinder.
samples/bpf/xdp_redirect_map_user.c
7 issues
Line: 104
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
if (!if_indextoname(ifindex_out, ifname))
goto err_out;
strcpy(ifr.ifr_name, ifname);
if (ioctl(fd, SIOCGIFHWADDR, &ifr) != 0)
goto err_out;
memcpy(mac_addr, ifr.ifr_hwaddr.sa_data, 6 * sizeof(char));
Reported by FlawFinder.
Line: 145
Column: 16
CWE codes:
120
20
Suggestion:
Check implementation on installation, or limit the size of all string inputs
int ret, opt, key = 0;
char filename[256];
while ((opt = getopt(argc, argv, optstr)) != -1) {
switch (opt) {
case 'S':
xdp_flags |= XDP_FLAGS_SKB_MODE;
break;
case 'N':
Reported by FlawFinder.
Line: 87
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (sum)
printf("ifindex %i: %10llu pkt/s\n",
ifindex, sum / interval);
memcpy(prev, values, sizeof(values));
}
}
static int get_mac_addr(unsigned int ifindex_out, void *mac_addr)
{
Reported by FlawFinder.
Line: 93
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static int get_mac_addr(unsigned int ifindex_out, void *mac_addr)
{
char ifname[IF_NAMESIZE];
struct ifreq ifr;
int fd, ret = -1;
fd = socket(AF_INET, SOCK_DGRAM, 0);
if (fd < 0)
Reported by FlawFinder.
Line: 109
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (ioctl(fd, SIOCGIFHWADDR, &ifr) != 0)
goto err_out;
memcpy(mac_addr, ifr.ifr_hwaddr.sa_data, 6 * sizeof(char));
ret = 0;
err_out:
close(fd);
return ret;
Reported by FlawFinder.
Line: 143
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
const char *optstr = "FSNX";
struct bpf_object *obj;
int ret, opt, key = 0;
char filename[256];
while ((opt = getopt(argc, argv, optstr)) != -1) {
switch (opt) {
case 'S':
xdp_flags |= XDP_FLAGS_SKB_MODE;
Reported by FlawFinder.
Line: 248
Column: 12
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/* Load 2nd xdp prog on egress. */
if (xdp_devmap_attached) {
unsigned char mac_addr[6];
devmap_prog = bpf_object__find_program_by_name(obj, "xdp_redirect_map_egress");
if (!devmap_prog) {
printf("finding devmap_prog in obj file failed\n");
goto out;
Reported by FlawFinder.
samples/bpf/cpustat_user.c
7 issues
Line: 43
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static void cpu_stat_print(void)
{
int i, j;
char state_str[sizeof("cstate-9")];
struct cpu_stat_data *data;
/* Clear screen */
printf("\033[2J");
Reported by FlawFinder.
Line: 54
Column: 3
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
printf("%-10s ", "state(ms)");
for (i = 0; i < MAX_CSTATE_ENTRIES; i++) {
sprintf(state_str, "cstate-%d", i);
printf("%-11s ", state_str);
}
for (i = 0; i < MAX_PSTATE_ENTRIES; i++) {
sprintf(state_str, "pstate-%d", i);
Reported by FlawFinder.
Line: 59
Column: 3
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
}
for (i = 0; i < MAX_PSTATE_ENTRIES; i++) {
sprintf(state_str, "pstate-%d", i);
printf("%-11s ", state_str);
}
printf("\n");
Reported by FlawFinder.
Line: 158
Column: 7
CWE codes:
362
{
int len, fd;
fd = open(CPUFREQ_MAX_SYSFS_PATH, O_WRONLY);
if (fd < 0) {
printf("failed to open scaling_max_freq, errno=%d\n", errno);
return fd;
}
Reported by FlawFinder.
Line: 195
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct bpf_link *link = NULL;
struct bpf_program *prog;
struct bpf_object *obj;
char filename[256];
int ret;
snprintf(filename, sizeof(filename), "%s_kern.o", argv[0]);
obj = bpf_object__open_file(filename, NULL);
if (libbpf_get_error(obj)) {
Reported by FlawFinder.
Line: 164
Column: 39
CWE codes:
126
return fd;
}
len = write(fd, CPUFREQ_LOWEST_FREQ, strlen(CPUFREQ_LOWEST_FREQ));
if (len < 0) {
printf("failed to open scaling_max_freq, errno=%d\n", errno);
goto err;
}
Reported by FlawFinder.
Line: 170
Column: 40
CWE codes:
126
goto err;
}
len = write(fd, CPUFREQ_HIGHEST_FREQ, strlen(CPUFREQ_HIGHEST_FREQ));
if (len < 0) {
printf("failed to open scaling_max_freq, errno=%d\n", errno);
goto err;
}
Reported by FlawFinder.
sound/ppc/tumbler.c
7 issues
Line: 1413
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
/*
* build mixers
*/
sprintf(chip->card->mixername, "PowerMac %s", chipname);
if (chip->model == PMAC_TUMBLER) {
for (i = 0; i < ARRAY_SIZE(tumbler_mixers); i++) {
err = snd_ctl_add(chip->card, snd_ctl_new1(&tumbler_mixers[i], chip));
if (err < 0)
Reported by FlawFinder.
Line: 200
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
*/
static int tumbler_set_master_volume(struct pmac_tumbler *mix)
{
unsigned char block[6];
unsigned int left_vol, right_vol;
if (! mix->i2c.client)
return -ENODEV;
Reported by FlawFinder.
Line: 324
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static int tumbler_set_drc(struct pmac_tumbler *mix)
{
unsigned char val[2];
if (! mix->i2c.client)
return -ENODEV;
if (mix->drc_enable) {
Reported by FlawFinder.
Line: 359
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static int snapper_set_drc(struct pmac_tumbler *mix)
{
unsigned char val[6];
if (! mix->i2c.client)
return -ENODEV;
if (mix->drc_enable)
Reported by FlawFinder.
Line: 491
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static int tumbler_set_mono_volume(struct pmac_tumbler *mix,
const struct tumbler_mono_vol *info)
{
unsigned char block[4];
unsigned int vol;
int i;
if (! mix->i2c.client)
return -ENODEV;
Reported by FlawFinder.
Line: 630
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static int snapper_set_mix_vol1(struct pmac_tumbler *mix, int idx, int ch, int reg)
{
int i, j, vol;
unsigned char block[9];
vol = mix->mix_vol[idx][ch];
if (vol >= ARRAY_SIZE(mixer_volume_table)) {
vol = ARRAY_SIZE(mixer_volume_table) - 1;
mix->mix_vol[idx][ch] = vol;
Reported by FlawFinder.
Line: 794
Column: 15
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static int snapper_info_capture_source(struct snd_kcontrol *kcontrol,
struct snd_ctl_elem_info *uinfo)
{
static const char * const texts[2] = {
"Line", "Mic"
};
return snd_ctl_enum_info(uinfo, 1, 2, texts);
}
Reported by FlawFinder.
sound/spi/at73c213.c
7 issues
Line: 714
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
card = chip->card;
strcpy(card->mixername, chip->pcm->name);
for (idx = 0; idx < ARRAY_SIZE(snd_at73c213_controls); idx++) {
errval = snd_ctl_add(card,
snd_ctl_new1(&snd_at73c213_controls[idx],
chip));
Reported by FlawFinder.
Line: 985
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
goto out_ssc;
strcpy(card->driver, "at73c213");
strcpy(card->shortname, board->shortname);
sprintf(card->longname, "%s on irq %d", card->shortname, chip->irq);
retval = snd_card_register(card);
if (retval)
goto out_ssc;
Reported by FlawFinder.
Line: 986
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
strcpy(card->driver, "at73c213");
strcpy(card->shortname, board->shortname);
sprintf(card->longname, "%s on irq %d", card->shortname, chip->irq);
retval = snd_card_register(card);
if (retval)
goto out_ssc;
Reported by FlawFinder.
Line: 337
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
pcm->private_data = chip;
pcm->info_flags = SNDRV_PCM_INFO_BLOCK_TRANSFER;
strcpy(pcm->name, "at73c213");
chip->pcm = pcm;
snd_pcm_set_ops(pcm, SNDRV_PCM_STREAM_PLAYBACK, &at73c213_playback_ops);
snd_pcm_set_managed_buffer_all(chip->pcm,
Reported by FlawFinder.
Line: 901
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
chip->irq = irq;
memcpy(&chip->reg_image, &snd_at73c213_original_image,
sizeof(snd_at73c213_original_image));
retval = snd_at73c213_ssc_init(chip);
if (retval)
goto out_irq;
Reported by FlawFinder.
Line: 943
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct snd_at73c213 *chip;
struct at73c213_board_info *board;
int retval;
char id[16];
board = spi->dev.platform_data;
if (!board) {
dev_dbg(&spi->dev, "no platform_data\n");
return -ENXIO;
Reported by FlawFinder.
Line: 984
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
if (retval)
goto out_ssc;
strcpy(card->driver, "at73c213");
strcpy(card->shortname, board->shortname);
sprintf(card->longname, "%s on irq %d", card->shortname, chip->irq);
retval = snd_card_register(card);
if (retval)
Reported by FlawFinder.