The following issues were found
fs/xfs/xfs_xattr.c
6 issues
Line: 30
Column: 14
CWE codes:
126
.dp = XFS_I(inode),
.attr_filter = handler->flags,
.name = name,
.namelen = strlen(name),
.value = value,
.valuelen = size,
};
int error;
Reported by FlawFinder.
Line: 53
Column: 14
CWE codes:
126
.attr_filter = handler->flags,
.attr_flags = flags,
.name = name,
.namelen = strlen(name),
.value = (void *)value,
.valuelen = size,
};
int error;
Reported by FlawFinder.
Line: 121
Column: 2
CWE codes:
120
return;
}
offset = context->buffer + context->count;
strncpy(offset, prefix, prefix_len);
offset += prefix_len;
strncpy(offset, (char *)name, namelen); /* real name */
offset += namelen;
*offset = '\0';
Reported by FlawFinder.
Line: 123
Column: 2
CWE codes:
120
offset = context->buffer + context->count;
strncpy(offset, prefix, prefix_len);
offset += prefix_len;
strncpy(offset, (char *)name, namelen); /* real name */
offset += namelen;
*offset = '\0';
compute_size:
context->count += prefix_len + namelen + 1;
Reported by FlawFinder.
Line: 154
Column: 6
CWE codes:
126
context, XATTR_SYSTEM_PREFIX,
XATTR_SYSTEM_PREFIX_LEN,
XATTR_POSIX_ACL_ACCESS,
strlen(XATTR_POSIX_ACL_ACCESS));
} else if (namelen == SGI_ACL_DEFAULT_SIZE &&
strncmp(name, SGI_ACL_DEFAULT,
SGI_ACL_DEFAULT_SIZE) == 0) {
__xfs_xattr_put_listent(
context, XATTR_SYSTEM_PREFIX,
Reported by FlawFinder.
Line: 162
Column: 6
CWE codes:
126
context, XATTR_SYSTEM_PREFIX,
XATTR_SYSTEM_PREFIX_LEN,
XATTR_POSIX_ACL_DEFAULT,
strlen(XATTR_POSIX_ACL_DEFAULT));
}
#endif
/*
* Only show root namespace entries if we are actually allowed to
Reported by FlawFinder.
fs/ocfs2/ioctl.c
6 issues
Line: 208
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (o2info_from_user(oil, req))
return -EFAULT;
memcpy(oil.il_label, osb->vol_label, OCFS2_MAX_VOL_LABEL_LEN);
o2info_set_request_filled(&oil.il_req);
if (o2info_to_user(oil, req))
return -EFAULT;
Reported by FlawFinder.
Line: 227
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (o2info_from_user(oiu, req))
return -EFAULT;
memcpy(oiu.iu_uuid_str, osb->uuid_str, OCFS2_TEXT_UUID_LEN + 1);
o2info_set_request_filled(&oiu.iu_req);
if (o2info_to_user(oiu, req))
return -EFAULT;
Reported by FlawFinder.
Line: 330
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
u32 i;
u64 blkno = -1;
char namebuf[40];
int status, type = INODE_ALLOC_SYSTEM_INODE;
struct ocfs2_info_freeinode *oifi = NULL;
struct ocfs2_super *osb = OCFS2_SB(inode->i_sb);
struct inode *inode_alloc = NULL;
Reported by FlawFinder.
Line: 617
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct ocfs2_info_request __user *req)
{
u64 blkno = -1;
char namebuf[40];
int status, type = GLOBAL_BITMAP_SYSTEM_INODE;
struct ocfs2_info_freefrag *oiff;
struct ocfs2_super *osb = OCFS2_SB(inode->i_sb);
struct inode *gb_inode = NULL;
Reported by FlawFinder.
Line: 365
Column: 12
CWE codes:
126
type, i);
status = ocfs2_lookup_ino_from_name(osb->sys_root_inode,
namebuf,
strlen(namebuf),
&blkno);
if (status < 0) {
status = -ENOENT;
goto bail;
}
Reported by FlawFinder.
Line: 657
Column: 11
CWE codes:
126
OCFS2_INVALID_SLOT);
status = ocfs2_lookup_ino_from_name(osb->sys_root_inode,
namebuf,
strlen(namebuf),
&blkno);
if (status < 0) {
status = -ENOENT;
goto bail;
}
Reported by FlawFinder.
fs/ocfs2/stackglue.c
6 issues
Line: 706
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
static int __init ocfs2_stack_glue_init(void)
{
strcpy(cluster_stack_name, OCFS2_STACK_PLUGIN_O2CB);
ocfs2_table_header = register_sysctl_table(ocfs2_root_table);
if (!ocfs2_table_header) {
printk(KERN_ERR
"ocfs2 stack glue: unable to register sysctl\n");
Reported by FlawFinder.
Line: 32
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static struct ocfs2_protocol_version locking_max_version;
static DEFINE_SPINLOCK(ocfs2_stack_lock);
static LIST_HEAD(ocfs2_stack_list);
static char cluster_stack_name[OCFS2_STACK_LABEL_LEN + 1];
static char ocfs2_hb_ctl_path[OCFS2_MAX_HB_CTL_PATH] = "/sbin/ocfs2_hb_ctl";
/*
* The stack currently in use. If not null, active_stack->sp_count > 0,
* the module is pinned, and the locking protocol cannot be changed.
Reported by FlawFinder.
Line: 33
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static DEFINE_SPINLOCK(ocfs2_stack_lock);
static LIST_HEAD(ocfs2_stack_list);
static char cluster_stack_name[OCFS2_STACK_LABEL_LEN + 1];
static char ocfs2_hb_ctl_path[OCFS2_MAX_HB_CTL_PATH] = "/sbin/ocfs2_hb_ctl";
/*
* The stack currently in use. If not null, active_stack->sp_count > 0,
* the module is pinned, and the locking protocol cannot be changed.
*/
Reported by FlawFinder.
Line: 419
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static void ocfs2_leave_group(const char *group)
{
int ret;
char *argv[5], *envp[3];
argv[0] = ocfs2_hb_ctl_path;
argv[1] = "-K";
argv[2] = "-u";
argv[3] = (char *)group;
Reported by FlawFinder.
Line: 578
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
else
ret = -EBUSY;
} else {
memcpy(cluster_stack_name, buf, len);
ret = count;
}
spin_unlock(&ocfs2_stack_lock);
return ret;
Reported by FlawFinder.
Line: 119
Column: 6
CWE codes:
126
if (!stack_name || !*stack_name)
stack_name = OCFS2_STACK_PLUGIN_O2CB;
if (strlen(stack_name) != OCFS2_STACK_LABEL_LEN) {
printk(KERN_ERR
"ocfs2 passed an invalid cluster stack label: \"%s\"\n",
stack_name);
return -EINVAL;
}
Reported by FlawFinder.
include/linux/sfp.h
6 issues
Line: 161
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
u8 br_nominal;
u8 rate_id;
u8 link_len[6];
char vendor_name[16];
u8 extended_cc;
char vendor_oui[3];
char vendor_pn[16];
char vendor_rev[4];
union {
Reported by FlawFinder.
Line: 163
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
u8 link_len[6];
char vendor_name[16];
u8 extended_cc;
char vendor_oui[3];
char vendor_pn[16];
char vendor_rev[4];
union {
__be16 optical_wavelength;
__be16 cable_compliance;
Reported by FlawFinder.
Line: 164
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
char vendor_name[16];
u8 extended_cc;
char vendor_oui[3];
char vendor_pn[16];
char vendor_rev[4];
union {
__be16 optical_wavelength;
__be16 cable_compliance;
struct {
Reported by FlawFinder.
Line: 165
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
u8 extended_cc;
char vendor_oui[3];
char vendor_pn[16];
char vendor_rev[4];
union {
__be16 optical_wavelength;
__be16 cable_compliance;
struct {
#if defined __BIG_ENDIAN_BITFIELD
Reported by FlawFinder.
Line: 212
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
__be16 options;
u8 br_max;
u8 br_min;
char vendor_sn[16];
char datecode[8];
u8 diagmon;
u8 enhopts;
u8 sff8472_compliance;
u8 cc_ext;
Reported by FlawFinder.
Line: 213
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
u8 br_max;
u8 br_min;
char vendor_sn[16];
char datecode[8];
u8 diagmon;
u8 enhopts;
u8 sff8472_compliance;
u8 cc_ext;
} __packed;
Reported by FlawFinder.
include/linux/fs.h
6 issues
Line: 2070
Column: 8
CWE codes:
362
20
Suggestion:
Reconsider approach
int (*permission) (struct user_namespace *, struct inode *, int);
struct posix_acl * (*get_acl)(struct inode *, int);
int (*readlink) (struct dentry *, char __user *,int);
int (*create) (struct user_namespace *, struct inode *,struct dentry *,
umode_t, bool);
int (*link) (struct dentry *,struct inode *,struct dentry *);
int (*unlink) (struct inode *,struct dentry *);
Reported by FlawFinder.
Line: 1480
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct fsnotify_mark_connector __rcu *s_fsnotify_marks;
#endif
char s_id[32]; /* Informational name */
uuid_t s_uuid; /* UUID */
unsigned int s_max_links;
fmode_t s_mode;
Reported by FlawFinder.
Line: 2037
Column: 8
CWE codes:
362
long (*compat_ioctl) (struct file *, unsigned int, unsigned long);
int (*mmap) (struct file *, struct vm_area_struct *);
unsigned long mmap_supported_flags;
int (*open) (struct inode *, struct file *);
int (*flush) (struct file *, fl_owner_t id);
int (*release) (struct inode *, struct file *);
int (*fsync) (struct file *, loff_t, loff_t, int datasync);
int (*fasync) (int, struct file *, int);
int (*lock) (struct file *, int, struct file_lock *);
Reported by FlawFinder.
Line: 2096
Column: 8
CWE codes:
377
int (*atomic_open)(struct inode *, struct dentry *,
struct file *, unsigned open_flag,
umode_t create_mode);
int (*tmpfile) (struct user_namespace *, struct inode *,
struct dentry *, umode_t);
int (*set_acl)(struct user_namespace *, struct inode *,
struct posix_acl *, int);
int (*fileattr_set)(struct user_namespace *mnt_userns,
struct dentry *dentry, struct fileattr *fa);
Reported by FlawFinder.
Line: 2794
Column: 10
CWE codes:
362
extern void putname(struct filename *name);
extern int finish_open(struct file *file, struct dentry *dentry,
int (*open)(struct inode *, struct file *));
extern int finish_no_open(struct file *file, struct dentry *dentry);
/* fs/dcache.c */
extern void __init vfs_caches_init_early(void);
extern void __init vfs_caches_init(void);
Reported by FlawFinder.
Line: 2025
Column: 12
CWE codes:
120
20
struct file_operations {
struct module *owner;
loff_t (*llseek) (struct file *, loff_t, int);
ssize_t (*read) (struct file *, char __user *, size_t, loff_t *);
ssize_t (*write) (struct file *, const char __user *, size_t, loff_t *);
ssize_t (*read_iter) (struct kiocb *, struct iov_iter *);
ssize_t (*write_iter) (struct kiocb *, struct iov_iter *);
int (*iopoll)(struct kiocb *kiocb, bool spin);
int (*iterate) (struct file *, struct dir_context *);
Reported by FlawFinder.
fs/adfs/dir.c
6 issues
Line: 30
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return -EINVAL;
if (remain < len) {
memcpy(dst, dir->bhs[index]->b_data + offset, remain);
dst += remain;
len -= remain;
index += 1;
offset = 0;
}
Reported by FlawFinder.
Line: 37
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
offset = 0;
}
memcpy(dst, dir->bhs[index]->b_data + offset, len);
return 0;
}
int adfs_dir_copyto(struct adfs_dir *dir, unsigned int offset, const void *src,
Reported by FlawFinder.
Line: 55
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return -EINVAL;
if (remain < len) {
memcpy(dir->bhs[index]->b_data + offset, src, remain);
src += remain;
len -= remain;
index += 1;
offset = 0;
}
Reported by FlawFinder.
Line: 62
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
offset = 0;
}
memcpy(dir->bhs[index]->b_data + offset, src, len);
return 0;
}
static void __adfs_dir_cleanup(struct adfs_dir *dir)
Reported by FlawFinder.
Line: 115
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return -ENOMEM;
if (dir->nr_buffers)
memcpy(bhs, dir->bhs, dir->nr_buffers * sizeof(*bhs));
dir->bhs = bhs;
}
for (i = dir->nr_buffers; i < num; i++) {
Reported by FlawFinder.
Line: 153
Column: 29
CWE codes:
120
20
dir->bhs = dir->bh;
dir->nr_buffers = 0;
return ADFS_SB(sb)->s_dir->read(sb, indaddr, size, dir);
}
static int adfs_dir_read_inode(struct super_block *sb, struct inode *inode,
struct adfs_dir *dir)
{
Reported by FlawFinder.
fs/nfs/callback_xdr.c
6 issues
Line: 101
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
p = xdr_inline_decode(xdr, fh->size);
if (unlikely(p == NULL))
return htonl(NFS4ERR_RESOURCE);
memcpy(&fh->data[0], p, fh->size);
memset(&fh->data[fh->size], 0, sizeof(fh->data) - fh->size);
return 0;
}
static __be32 decode_bitmap(struct xdr_stream *xdr, uint32_t *bitmap)
Reported by FlawFinder.
Line: 132
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
p = xdr_inline_decode(xdr, NFS4_STATEID_SIZE);
if (unlikely(p == NULL))
return htonl(NFS4ERR_RESOURCE);
memcpy(stateid->data, p, NFS4_STATEID_SIZE);
return 0;
}
static __be32 decode_delegation_stateid(struct xdr_stream *xdr, nfs4_stateid *stateid)
{
Reported by FlawFinder.
Line: 320
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
goto err;
}
dev->cbd_layout_type = ntohl(*p++);
memcpy(dev->cbd_dev_id.data, p, NFS4_DEVICEID4_SIZE);
p += XDR_QUADLEN(NFS4_DEVICEID4_SIZE);
if (dev->cbd_layout_type == NOTIFY_DEVICEID4_CHANGE) {
p = xdr_inline_decode(xdr, sizeof(uint32_t));
if (unlikely(p == NULL)) {
Reported by FlawFinder.
Line: 358
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (unlikely(p == NULL))
return htonl(NFS4ERR_RESOURCE);
memcpy(sid->data, p, NFS4_MAX_SESSIONID_LEN);
return 0;
}
static __be32 decode_rc_list(struct xdr_stream *xdr,
struct referring_call_list *rc_list)
Reported by FlawFinder.
Line: 545
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
args->wr_writeverf.committed = be32_to_cpup(p);
p = xdr_inline_decode(xdr, NFS4_VERIFIER_SIZE);
if (likely(p)) {
memcpy(&args->wr_writeverf.verifier.data[0], p,
NFS4_VERIFIER_SIZE);
return 0;
}
out:
return htonl(NFS4ERR_RESOURCE);
Reported by FlawFinder.
Line: 727
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (unlikely(p == NULL))
return htonl(NFS4ERR_RESOURCE);
memcpy(p, sid, NFS4_MAX_SESSIONID_LEN);
return 0;
}
static __be32 encode_cb_sequence_res(struct svc_rqst *rqstp,
struct xdr_stream *xdr,
Reported by FlawFinder.
include/linux/gameport.h
6 issues
Line: 20
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct gameport {
void *port_data; /* Private pointer for gameport drivers */
char name[32];
char phys[32];
int io;
int speed;
int fuzz;
Reported by FlawFinder.
Line: 21
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
void *port_data; /* Private pointer for gameport drivers */
char name[32];
char phys[32];
int io;
int speed;
int fuzz;
Reported by FlawFinder.
Line: 31
Column: 8
CWE codes:
362
unsigned char (*read)(struct gameport *);
int (*cooked_read)(struct gameport *, int *, int *);
int (*calibrate)(struct gameport *, int *, int *);
int (*open)(struct gameport *, int);
void (*close)(struct gameport *);
struct timer_list poll_timer;
unsigned int poll_interval; /* in msecs */
spinlock_t timer_lock;
Reported by FlawFinder.
Line: 28
Column: 18
CWE codes:
120
20
int fuzz;
void (*trigger)(struct gameport *);
unsigned char (*read)(struct gameport *);
int (*cooked_read)(struct gameport *, int *, int *);
int (*calibrate)(struct gameport *, int *, int *);
int (*open)(struct gameport *, int);
void (*close)(struct gameport *);
Reported by FlawFinder.
Line: 176
Column: 16
CWE codes:
120
20
static inline unsigned char gameport_read(struct gameport *gameport)
{
if (gameport->read)
return gameport->read(gameport);
else
return inb(gameport->io);
}
Reported by FlawFinder.
Line: 177
Column: 20
CWE codes:
120
20
static inline unsigned char gameport_read(struct gameport *gameport)
{
if (gameport->read)
return gameport->read(gameport);
else
return inb(gameport->io);
}
static inline int gameport_cooked_read(struct gameport *gameport, int *axes, int *buttons)
Reported by FlawFinder.
include/linux/scmi_protocol.h
6 issues
Line: 39
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
u8 num_protocols;
u8 num_agents;
u32 impl_ver;
char vendor_id[SCMI_MAX_STR_SIZE];
char sub_vendor_id[SCMI_MAX_STR_SIZE];
};
struct scmi_clock_info {
char name[SCMI_MAX_STR_SIZE];
Reported by FlawFinder.
Line: 40
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
u8 num_agents;
u32 impl_ver;
char vendor_id[SCMI_MAX_STR_SIZE];
char sub_vendor_id[SCMI_MAX_STR_SIZE];
};
struct scmi_clock_info {
char name[SCMI_MAX_STR_SIZE];
bool rate_discrete;
Reported by FlawFinder.
Line: 44
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
};
struct scmi_clock_info {
char name[SCMI_MAX_STR_SIZE];
bool rate_discrete;
union {
struct {
int num_rates;
u64 rates[SCMI_MAX_NUM_RATES];
Reported by FlawFinder.
Line: 204
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned int id;
unsigned int type;
int scale;
char name[SCMI_MAX_STR_SIZE];
bool extended_attrs;
unsigned int resolution;
int exponent;
struct scmi_range_attrs attrs;
};
Reported by FlawFinder.
Line: 326
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#define SCMI_SENS_CFG_SENSOR_ENABLED_MASK BIT(0)
#define SCMI_SENS_CFG_SENSOR_ENABLE 1
#define SCMI_SENS_CFG_SENSOR_DISABLE 0
char name[SCMI_MAX_STR_SIZE];
#define SCMI_SENS_CFG_IS_ENABLED(x) FIELD_GET(BIT(0), (x))
bool extended_scalar_attrs;
unsigned int sensor_power;
unsigned int resolution;
int exponent;
Reported by FlawFinder.
Line: 513
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
bool segmented;
bool negative_volts_allowed;
unsigned int attributes;
char name[SCMI_MAX_STR_SIZE];
unsigned int num_levels;
#define SCMI_VOLTAGE_SEGMENT_LOW 0
#define SCMI_VOLTAGE_SEGMENT_HIGH 1
#define SCMI_VOLTAGE_SEGMENT_STEP 2
int *levels_uv;
Reported by FlawFinder.
fs/nfs/fs_context.c
6 issues
Line: 970
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (data->flags & NFS_MOUNT_VER3)
goto out_no_v3;
data->root.size = NFS2_FHSIZE;
memcpy(data->root.data, data->old_root.data, NFS2_FHSIZE);
/* Turn off security negotiation */
extra_flags |= NFS_MOUNT_SECFLAVOUR;
fallthrough;
case 4:
if (data->flags & NFS_MOUNT_SECFLAVOUR)
Reported by FlawFinder.
Line: 993
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
memcpy(mntfh->data, data->root.data, mntfh->size);
if (mntfh->size < sizeof(mntfh->data))
memset(mntfh->data + mntfh->size, 0,
sizeof(mntfh->data) - mntfh->size);
/*
Reported by FlawFinder.
Line: 1023
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
ctx->acdirmax = data->acdirmax;
ctx->need_mount = false;
memcpy(sap, &data->addr, sizeof(data->addr));
ctx->nfs_server.addrlen = sizeof(data->addr);
ctx->nfs_server.port = ntohs(data->addr.sin_port);
if (sap->sa_family != AF_INET ||
!nfs_verify_server_address(sap))
goto out_no_address;
Reported by FlawFinder.
Line: 1523
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
ctx->version = nfss->nfs_client->rpc_ops->version;
ctx->minorversion = nfss->nfs_client->cl_minorversion;
memcpy(&ctx->nfs_server.address, &nfss->nfs_client->cl_addr,
ctx->nfs_server.addrlen);
if (fc->net_ns != net) {
put_net(fc->net_ns);
fc->net_ns = get_net(net);
Reported by FlawFinder.
Line: 902
Column: 8
CWE codes:
126
ctx->nfs_server.hostname = kmemdup_nul(dev_name, len, GFP_KERNEL);
if (!ctx->nfs_server.hostname)
goto out_nomem;
len = strlen(++end);
if (len > maxpathlen)
goto out_path;
ctx->nfs_server.export_path = kmemdup_nul(end, len, GFP_KERNEL);
if (!ctx->nfs_server.export_path)
goto out_nomem;
Reported by FlawFinder.
Line: 1066
Column: 24
CWE codes:
126
data->context[NFS_MAX_CONTEXT_LEN] = '\0';
ret = vfs_parse_fs_string(fc, "context",
data->context, strlen(data->context));
if (ret < 0)
return ret;
#else
return -EINVAL;
#endif
Reported by FlawFinder.