The following issues were found
drivers/net/ethernet/realtek/8139too.c
6 issues
Line: 284
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
MODULE_DEVICE_TABLE (pci, rtl8139_pci_tbl);
static struct {
const char str[ETH_GSTRING_LEN];
} ethtool_stats_keys[] = {
{ "early_rx" },
{ "tx_buf_mapped" },
{ "tx_timeouts" },
{ "rx_lost_in_ring" },
Reported by FlawFinder.
Line: 596
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned long cur_tx;
unsigned long dirty_tx;
struct rtl8139_stats tx_stats;
unsigned char *tx_buf[NUM_TX_DESC]; /* Tx bounce buffers */
unsigned char *tx_bufs; /* Tx bounce buffer region. */
dma_addr_t tx_bufs_dma;
signed char phys[4]; /* MII device addresses. */
Reported by FlawFinder.
Line: 600
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned char *tx_bufs; /* Tx bounce buffer region. */
dma_addr_t tx_bufs_dma;
signed char phys[4]; /* MII device addresses. */
/* Twister tune state. */
char twistie, twist_row, twist_col;
unsigned int watchdog_fired : 1;
Reported by FlawFinder.
Line: 1206
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#define mdio_delay() RTL_R8(Config4)
static const char mii_2_8139_map[8] = {
BasicModeCtrl,
BasicModeStatus,
0,
0,
NWayAdvert,
Reported by FlawFinder.
Line: 2241
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (!is_valid_ether_addr(addr->sa_data))
return -EADDRNOTAVAIL;
memcpy(dev->dev_addr, addr->sa_data, dev->addr_len);
spin_lock_irq(&tp->lock);
RTL_W8_F(Cfg9346, Cfg9346_Unlock);
RTL_W32_F(MAC0 + 0, cpu_to_le32 (*(u32 *) (dev->dev_addr + 0)));
Reported by FlawFinder.
Line: 2480
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
static void rtl8139_get_strings(struct net_device *dev, u32 stringset, u8 *data)
{
memcpy(data, ethtool_stats_keys, sizeof(ethtool_stats_keys));
}
static const struct ethtool_ops rtl8139_ethtool_ops = {
.get_drvinfo = rtl8139_get_drvinfo,
.get_regs_len = rtl8139_get_regs_len,
Reported by FlawFinder.
drivers/net/ethernet/i825xx/lib82596.c
6 issues
Line: 223
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct mc_cmd {
struct i596_cmd cmd;
short mc_cnt;
char mc_addrs[MAX_MC_CNT*6];
};
struct sa_cmd {
struct i596_cmd cmd;
char eth_addr[8];
Reported by FlawFinder.
Line: 228
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct sa_cmd {
struct i596_cmd cmd;
char eth_addr[8];
};
struct cf_cmd {
struct i596_cmd cmd;
char i596_config[16];
Reported by FlawFinder.
Line: 233
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct cf_cmd {
struct i596_cmd cmd;
char i596_config[16];
};
struct i596_rfd {
unsigned short stat;
unsigned short cmd;
Reported by FlawFinder.
Line: 631
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
DEB(DEB_INIT, printk(KERN_DEBUG
"%s: queuing CmdConfigure\n", dev->name));
memcpy(dma->cf_cmd.i596_config, init_setup, 14);
dma->cf_cmd.cmd.command = SWAP16(CmdConfigure);
dma_sync_dev(dev, &(dma->cf_cmd), sizeof(struct cf_cmd));
i596_add_cmd(dev, &dma->cf_cmd.cmd);
DEB(DEB_INIT, printk(KERN_DEBUG "%s: queuing CmdSASetup\n", dev->name));
Reported by FlawFinder.
Line: 637
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
i596_add_cmd(dev, &dma->cf_cmd.cmd);
DEB(DEB_INIT, printk(KERN_DEBUG "%s: queuing CmdSASetup\n", dev->name));
memcpy(dma->sa_cmd.eth_addr, dev->dev_addr, ETH_ALEN);
dma->sa_cmd.cmd.command = SWAP16(CmdSASetup);
dma_sync_dev(dev, &(dma->sa_cmd), sizeof(struct sa_cmd));
i596_add_cmd(dev, &dma->sa_cmd.cmd);
DEB(DEB_INIT, printk(KERN_DEBUG "%s: queuing CmdTDR\n", dev->name));
Reported by FlawFinder.
Line: 1413
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
netdev_for_each_mc_addr(ha, dev) {
if (!cnt--)
break;
memcpy(cp, ha->addr, ETH_ALEN);
if (i596_debug > 1)
DEB(DEB_MULTI,
printk(KERN_DEBUG
"%s: Adding address %pM\n",
dev->name, cp));
Reported by FlawFinder.
drivers/net/wireless/ath/ath10k/sdio.c
6 issues
Line: 1208
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
addr = ar_sdio->mbox_info.htc_addr;
memcpy(ar_sdio->bmi_buf, req, req_len);
ret = ath10k_sdio_write(ar, addr, ar_sdio->bmi_buf, req_len);
if (ret) {
ath10k_warn(ar,
"unable to send the bmi data to the device: %d\n",
ret);
Reported by FlawFinder.
Line: 1281
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return ret;
}
memcpy(resp, ar_sdio->bmi_buf, *resp_len);
return 0;
}
/* sdio async handling functions */
Reported by FlawFinder.
Line: 1750
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
goto out;
}
memcpy(buf, mem, buf_len);
out:
kfree(mem);
return ret;
Reported by FlawFinder.
Line: 1928
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
mutex_lock(&irq_data->mtx);
memset(regs, 0, sizeof(*regs)); /* disable all interrupts */
memcpy(skb->data, regs, sizeof(*regs));
skb_put(skb, sizeof(*regs));
mutex_unlock(&irq_data->mtx);
init_completion(&irqs_disabled_comp);
Reported by FlawFinder.
Line: 2225
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
ath10k_warn(ar, "unable to read mem %d value\n", address + i);
break;
}
memcpy(buf + i, &val, 4);
}
return ret;
}
Reported by FlawFinder.
Line: 2477
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
void ath10k_sdio_fw_crashed_dump(struct ath10k *ar)
{
struct ath10k_fw_crash_data *crash_data;
char guid[UUID_STRING_LEN + 1];
bool fast_dump;
fast_dump = ath10k_sdio_is_fast_dump_supported(ar);
if (fast_dump)
Reported by FlawFinder.
drivers/net/ethernet/intel/ice/ice_ethtool.c
6 issues
Line: 14
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#include <net/dcbnl.h>
struct ice_stats {
char stat_string[ETH_GSTRING_LEN];
int sizeof_stat;
int stat_offset;
};
#define ICE_STAT(_type, _name, _stat) { \
Reported by FlawFinder.
Line: 152
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
};
struct ice_priv_flag {
char name[ETH_GSTRING_LEN];
u32 bitno; /* bit position in pf->flags */
};
#define ICE_PRIV_FLAG(_name, _bitno) { \
.name = _name, \
Reported by FlawFinder.
Line: 298
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
goto release;
}
memcpy(bytes, buf, eeprom->len);
release:
ice_release_nvm(hw);
out:
kfree(buf);
return ret;
Reported by FlawFinder.
Line: 909
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
break;
case ETH_SS_TEST:
memcpy(data, ice_gstrings_test, ICE_TEST_LEN * ETH_GSTRING_LEN);
break;
case ETH_SS_PRIV_FLAGS:
for (i = 0; i < ICE_PRIV_FLAG_ARRAY_SIZE; i++)
ethtool_sprintf(&p, ice_gstrings_priv_flags[i].name);
break;
Reported by FlawFinder.
Line: 3166
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (!vsi->rss_hkey_user)
return -ENOMEM;
}
memcpy(vsi->rss_hkey_user, key, ICE_VSIQF_HKEY_ARRAY_SIZE);
err = ice_set_rss_key(vsi, vsi->rss_hkey_user);
if (err)
return err;
}
Reported by FlawFinder.
Line: 3970
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* Make sure we have enough room for the new block */
if ((i + SFF_READ_BLOCK_SIZE) < ee->len)
memcpy(data + i, value, SFF_READ_BLOCK_SIZE);
}
}
return 0;
}
Reported by FlawFinder.
drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c
6 issues
Line: 687
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
entry->free = false;
entry->is_macvlan = true;
entry->vf = vf;
memcpy(entry->vf_macvlan, mac_addr, ETH_ALEN);
return 0;
}
static inline void ixgbe_vf_reset_event(struct ixgbe_adapter *adapter, u32 vf)
Reported by FlawFinder.
Line: 781
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
ixgbe_del_mac_filter(adapter, adapter->vfinfo[vf].vf_mac_addresses, vf);
retval = ixgbe_add_mac_filter(adapter, mac_addr, vf);
if (retval >= 0)
memcpy(adapter->vfinfo[vf].vf_mac_addresses, mac_addr,
ETH_ALEN);
else
eth_zero_addr(adapter->vfinfo[vf].vf_mac_addresses);
return retval;
Reported by FlawFinder.
Line: 903
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
msgbuf[0] = IXGBE_VF_RESET;
if (!is_zero_ether_addr(vf_mac) && adapter->vfinfo[vf].pf_set_mac) {
msgbuf[0] |= IXGBE_VT_MSGTYPE_ACK;
memcpy(addr, vf_mac, ETH_ALEN);
} else {
msgbuf[0] |= IXGBE_VT_MSGTYPE_NACK;
}
/*
Reported by FlawFinder.
Line: 1124
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return -EOPNOTSUPP;
}
memcpy(rss_key, adapter->rss_key, IXGBE_RSS_KEY_SIZE);
return 0;
}
static int ixgbe_update_vf_xcast_mode(struct ixgbe_adapter *adapter,
Reported by FlawFinder.
Line: 1399
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
retval = ixgbe_del_mac_filter(adapter, vf_mac_addr, vf);
if (retval >= 0) {
adapter->vfinfo[vf].pf_set_mac = false;
memcpy(vf_mac_addr, mac, ETH_ALEN);
} else {
dev_warn(&adapter->pdev->dev, "Could NOT remove the VF MAC address.\n");
}
} else {
retval = -EINVAL;
Reported by FlawFinder.
Line: 1708
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (vf >= adapter->num_vfs)
return -EINVAL;
ivi->vf = vf;
memcpy(&ivi->mac, adapter->vfinfo[vf].vf_mac_addresses, ETH_ALEN);
ivi->max_tx_rate = adapter->vfinfo[vf].tx_rate;
ivi->min_tx_rate = 0;
ivi->vlan = adapter->vfinfo[vf].pf_vlan;
ivi->qos = adapter->vfinfo[vf].pf_qos;
ivi->spoofchk = adapter->vfinfo[vf].spoofchk_enabled;
Reported by FlawFinder.
drivers/net/netdevsim/bpf.c
6 issues
Line: 222
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct bpf_prog *prog)
{
struct nsim_bpf_bound_prog *state;
char name[16];
int ret;
state = kzalloc(sizeof(*state), GFP_KERNEL);
if (!state)
return -ENOMEM;
Reported by FlawFinder.
Line: 234
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
state->state = "verify";
/* Program id is not populated yet when we create the state. */
sprintf(name, "%u", nsim_dev->prog_id_gen++);
state->ddir = debugfs_create_dir(name, nsim_dev->ddir_bpf_bound_progs);
if (IS_ERR(state->ddir)) {
ret = PTR_ERR(state->ddir);
kfree(state);
return ret;
Reported by FlawFinder.
Line: 385
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
for (; idx < ARRAY_SIZE(nmap->entry); idx++) {
if (nmap->entry[idx].key) {
memcpy(next_key, nmap->entry[idx].key,
offmap->map.key_size);
break;
}
}
Reported by FlawFinder.
Line: 408
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
idx = nsim_map_key_find(offmap, key);
if (idx >= 0)
memcpy(value, nmap->entry[idx].value, offmap->map.value_size);
mutex_unlock(&nmap->mutex);
return idx < 0 ? idx : 0;
}
Reported by FlawFinder.
Line: 448
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
goto exit_unlock;
}
memcpy(nmap->entry[idx].key, key, offmap->map.key_size);
memcpy(nmap->entry[idx].value, value, offmap->map.value_size);
exit_unlock:
mutex_unlock(&nmap->mutex);
return err;
Reported by FlawFinder.
Line: 449
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
memcpy(nmap->entry[idx].key, key, offmap->map.key_size);
memcpy(nmap->entry[idx].value, value, offmap->map.value_size);
exit_unlock:
mutex_unlock(&nmap->mutex);
return err;
}
Reported by FlawFinder.
drivers/net/ethernet/sfc/falcon/falcon.c
6 issues
Line: 578
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* Program data register, if we have data */
if (in != NULL) {
memcpy(®, in, len);
ef4_writeo(efx, ®, FR_AB_EE_SPI_HDATA);
}
/* Issue read/write command */
EF4_POPULATE_OWORD_7(reg,
Reported by FlawFinder.
Line: 602
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* Read data */
if (out != NULL) {
ef4_reado(efx, ®, FR_AB_EE_SPI_HDATA);
memcpy(out, ®, len);
}
return 0;
}
Reported by FlawFinder.
Line: 1147
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
ef4_writeo(efx, ®, FR_AB_XM_FC);
/* Set MAC address */
memcpy(®, &efx->net_dev->dev_addr[0], 4);
ef4_writeo(efx, ®, FR_AB_XM_ADR_LO);
memcpy(®, &efx->net_dev->dev_addr[4], 2);
ef4_writeo(efx, ®, FR_AB_XM_ADR_HI);
}
Reported by FlawFinder.
Line: 1149
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* Set MAC address */
memcpy(®, &efx->net_dev->dev_addr[0], 4);
ef4_writeo(efx, ®, FR_AB_XM_ADR_LO);
memcpy(®, &efx->net_dev->dev_addr[4], 2);
ef4_writeo(efx, ®, FR_AB_XM_ADR_HI);
}
static void falcon_reconfigure_xgxs_core(struct ef4_nic *efx)
{
Reported by FlawFinder.
Line: 1845
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
rc = 0;
if (nvconfig_out)
memcpy(nvconfig_out, nvconfig, sizeof(*nvconfig));
out:
kfree(region);
return rc;
}
Reported by FlawFinder.
Line: 2604
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
if (full_stats)
memcpy(full_stats, stats, sizeof(u64) * FALCON_STAT_COUNT);
if (core_stats) {
core_stats->rx_packets = stats[FALCON_STAT_rx_packets];
core_stats->tx_packets = stats[FALCON_STAT_tx_packets];
core_stats->rx_bytes = stats[FALCON_STAT_rx_bytes];
Reported by FlawFinder.
drivers/net/netconsole.c
6 issues
Line: 572
return -EINVAL;
}
CONFIGFS_ATTR(, enabled);
CONFIGFS_ATTR(, extended);
CONFIGFS_ATTR(, dev_name);
CONFIGFS_ATTR(, local_port);
CONFIGFS_ATTR(, remote_port);
CONFIGFS_ATTR(, local_ip);
Reported by Cppcheck.
Line: 47
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#define MAX_PARAM_LENGTH 256
#define MAX_PRINT_CHUNK 1000
static char config[MAX_PARAM_LENGTH];
module_param_string(netconsole, config, MAX_PARAM_LENGTH, 0);
MODULE_PARM_DESC(netconsole, " netconsole=[src-port]@[src-ip]/[dev],[tgt-port]@<tgt-ip>/[tgt-macaddr]");
static bool oops_only = false;
module_param(oops_only, bool, 0600);
Reported by FlawFinder.
Line: 563
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
goto out_unlock;
if (buf[3 * ETH_ALEN - 1] && buf[3 * ETH_ALEN - 1] != '\n')
goto out_unlock;
memcpy(nt->np.remote_mac, remote_mac, ETH_ALEN);
mutex_unlock(&dynamic_netconsole_mutex);
return strnlen(buf, count);
out_unlock:
mutex_unlock(&dynamic_netconsole_mutex);
Reported by FlawFinder.
Line: 773
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static void send_ext_msg_udp(struct netconsole_target *nt, const char *msg,
int msg_len)
{
static char buf[MAX_PRINT_CHUNK]; /* protected by target_list_lock */
const char *header, *body;
int offset = 0;
int header_len, body_len;
if (msg_len <= MAX_PRINT_CHUNK) {
Reported by FlawFinder.
Line: 797
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
* Transfer multiple chunks with the following extra header.
* "ncfrag=<byte-offset>/<total-bytes>"
*/
memcpy(buf, header, header_len);
while (offset < body_len) {
int this_header = header_len;
int this_chunk;
Reported by FlawFinder.
Line: 812
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (WARN_ON_ONCE(this_chunk <= 0))
return;
memcpy(buf + this_header, body + offset, this_chunk);
netpoll_send_udp(&nt->np, buf, this_header + this_chunk);
offset += this_chunk;
}
Reported by FlawFinder.
drivers/net/ethernet/ibm/ehea/ehea_main.c
6 issues
Line: 1732
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
goto out;
}
memcpy(&(cb0->port_mac_addr), &(mac_addr->sa_data[0]), ETH_ALEN);
cb0->port_mac_addr = cb0->port_mac_addr >> 16;
hret = ehea_h_modify_ehea_port(port->adapter->handle,
port->logical_port_id, H_PORT_CB0,
Reported by FlawFinder.
Line: 1744
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
goto out_free;
}
memcpy(dev->dev_addr, mac_addr->sa_data, dev->addr_len);
/* Deregister old MAC in pHYP */
if (port->state == EHEA_PORT_UP) {
ret = ehea_broadcast_reg_helper(port, H_DEREG_BCMC);
if (ret)
Reported by FlawFinder.
Line: 1905
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
INIT_LIST_HEAD(&ehea_mcl_entry->list);
memcpy(&ehea_mcl_entry->macaddr, mc_mac_addr, ETH_ALEN);
hret = ehea_multicast_reg_helper(port, ehea_mcl_entry->macaddr,
H_REG_BCMC);
if (!hret)
list_add(&ehea_mcl_entry->list, &port->mc_list->list);
Reported by FlawFinder.
Line: 2875
Column: 9
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
struct device_attribute *attr, char *buf)
{
struct ehea_port *port = container_of(dev, struct ehea_port, ofdev.dev);
return sprintf(buf, "%d", port->logical_port_id);
}
static DEVICE_ATTR_RO(log_port_id);
static void logical_port_release(struct device *dev)
Reported by FlawFinder.
Line: 2989
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
SET_NETDEV_DEV(dev, port_dev);
/* initialize net_device structure */
memcpy(dev->dev_addr, &port->mac_addr, ETH_ALEN);
dev->netdev_ops = &ehea_netdev_ops;
ehea_set_ethtool_ops(dev);
dev->hw_features = NETIF_F_SG | NETIF_F_TSO |
Reported by FlawFinder.
Line: 3525
Column: 9
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
static ssize_t capabilities_show(struct device_driver *drv, char *buf)
{
return sprintf(buf, "%d", EHEA_CAPABILITIES);
}
static DRIVER_ATTR_RO(capabilities);
static int __init ehea_module_init(void)
Reported by FlawFinder.
drivers/net/ethernet/sfc/mcdi_filters.c
6 issues
Line: 118
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
BUILD_BUG_ON( \
MC_CMD_FILTER_OP_IN_ ## mcdi_field ## _LEN < \
sizeof(value)); \
memcpy(MCDI_PTR(inbuf, FILTER_OP_IN_ ## mcdi_field), \
&value, sizeof(value)); \
} while (0)
#define COPY_FIELD(gen_flag, gen_field, mcdi_field) \
if (spec->match_flags & EFX_FILTER_MATCH_ ## gen_flag) { \
COPY_VALUE(spec->gen_field, mcdi_field); \
Reported by FlawFinder.
Line: 2084
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
memcpy(efx->rss_context.rx_indir_table, rx_indir_table,
sizeof(efx->rss_context.rx_indir_table));
if (key != efx->rss_context.rx_hash_key)
memcpy(efx->rss_context.rx_hash_key, key,
efx->type->rx_hash_key_size);
return 0;
fail2:
Reported by FlawFinder.
Line: 2122
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (rc)
return rc;
memcpy(ctx->rx_indir_table, rx_indir_table,
sizeof(efx->rss_context.rx_indir_table));
memcpy(ctx->rx_hash_key, key, efx->type->rx_hash_key_size);
return 0;
}
Reported by FlawFinder.
Line: 2124
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
memcpy(ctx->rx_indir_table, rx_indir_table,
sizeof(efx->rss_context.rx_indir_table));
memcpy(ctx->rx_hash_key, key, efx->type->rx_hash_key_size);
return 0;
}
int efx_mcdi_rx_pull_rss_context_config(struct efx_nic *efx,
Reported by FlawFinder.
Line: 2238
Column: 60
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
size_t i;
for (i = 0;
i < ARRAY_SIZE(efx->rss_context.rx_indir_table) && !mismatch;
i++)
mismatch = rx_indir_table[i] !=
ethtool_rxfh_indir_default(i, efx->rss_spread);
rc = efx_mcdi_filter_rx_push_shared_rss_config(efx, &context_size);
Reported by FlawFinder.
Line: 2252
Column: 13
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
" different size."
" Wanted %u, got %u.\n",
efx->rss_spread, context_size);
else if (mismatch)
netif_warn(efx, probe, efx->net_dev,
"Could not allocate an exclusive RSS"
" context; allocated a shared one but"
" could not apply custom"
" indirection.\n");
Reported by FlawFinder.