The following issues were found
sound/usb/mixer_scarlett_gen2.c
29 issues
Line: 1914
Column: 36
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
static void scarlett2_sw_hw_ctl_ro(struct scarlett2_data *private, int index)
{
private->sw_hw_ctls[index]->vd[0].access &=
~SNDRV_CTL_ELEM_ACCESS_WRITE;
}
static void scarlett2_sw_hw_ctl_rw(struct scarlett2_data *private, int index)
{
Reported by FlawFinder.
Line: 1920
Column: 36
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
static void scarlett2_sw_hw_ctl_rw(struct scarlett2_data *private, int index)
{
private->sw_hw_ctls[index]->vd[0].access |=
SNDRV_CTL_ELEM_ACCESS_WRITE;
}
static int scarlett2_sw_hw_enum_ctl_info(struct snd_kcontrol *kctl,
struct snd_ctl_elem_info *uinfo)
Reported by FlawFinder.
Line: 1953
Column: 35
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
/* Set/Clear write bits */
if (value) {
private->vol_ctls[index]->vd[0].access |=
SNDRV_CTL_ELEM_ACCESS_WRITE;
private->mute_ctls[index]->vd[0].access |=
SNDRV_CTL_ELEM_ACCESS_WRITE;
} else {
private->vol_ctls[index]->vd[0].access &=
Reported by FlawFinder.
Line: 1955
Column: 36
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
if (value) {
private->vol_ctls[index]->vd[0].access |=
SNDRV_CTL_ELEM_ACCESS_WRITE;
private->mute_ctls[index]->vd[0].access |=
SNDRV_CTL_ELEM_ACCESS_WRITE;
} else {
private->vol_ctls[index]->vd[0].access &=
~SNDRV_CTL_ELEM_ACCESS_WRITE;
private->mute_ctls[index]->vd[0].access &=
Reported by FlawFinder.
Line: 1958
Column: 35
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
private->mute_ctls[index]->vd[0].access |=
SNDRV_CTL_ELEM_ACCESS_WRITE;
} else {
private->vol_ctls[index]->vd[0].access &=
~SNDRV_CTL_ELEM_ACCESS_WRITE;
private->mute_ctls[index]->vd[0].access &=
~SNDRV_CTL_ELEM_ACCESS_WRITE;
}
Reported by FlawFinder.
Line: 1960
Column: 36
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
} else {
private->vol_ctls[index]->vd[0].access &=
~SNDRV_CTL_ELEM_ACCESS_WRITE;
private->mute_ctls[index]->vd[0].access &=
~SNDRV_CTL_ELEM_ACCESS_WRITE;
}
/* Notify of write bit and possible value change */
snd_ctl_notify(card,
Reported by FlawFinder.
Line: 3053
Column: 3
CWE codes:
134
Suggestion:
Use a constant for the format specification
/* Add input level (line/inst) controls */
for (i = 0; i < info->level_input_count; i++) {
snprintf(s, sizeof(s), fmt, i + 1 + info->level_input_first,
"Level", "Enum");
err = scarlett2_add_new_ctl(mixer, &scarlett2_level_enum_ctl,
i, 1, s, &private->level_ctls[i]);
if (err < 0)
return err;
Reported by FlawFinder.
Line: 3063
Column: 3
CWE codes:
134
Suggestion:
Use a constant for the format specification
/* Add input pad controls */
for (i = 0; i < info->pad_input_count; i++) {
snprintf(s, sizeof(s), fmt, i + 1, "Pad", "Switch");
err = scarlett2_add_new_ctl(mixer, &scarlett2_pad_ctl,
i, 1, s, &private->pad_ctls[i]);
if (err < 0)
return err;
}
Reported by FlawFinder.
Line: 3072
Column: 3
CWE codes:
134
Suggestion:
Use a constant for the format specification
/* Add input air controls */
for (i = 0; i < info->air_input_count; i++) {
snprintf(s, sizeof(s), fmt, i + 1, "Air", "Switch");
err = scarlett2_add_new_ctl(mixer, &scarlett2_air_ctl,
i, 1, s, &private->air_ctls[i]);
if (err < 0)
return err;
}
Reported by FlawFinder.
Line: 3082
Column: 4
CWE codes:
134
Suggestion:
Use a constant for the format specification
/* Add input phantom controls */
if (info->inputs_per_phantom == 1) {
for (i = 0; i < info->phantom_count; i++) {
snprintf(s, sizeof(s), fmt, i + 1,
"Phantom Power", "Switch");
err = scarlett2_add_new_ctl(
mixer, &scarlett2_phantom_ctl,
i, 1, s, &private->phantom_ctls[i]);
if (err < 0)
Reported by FlawFinder.
drivers/net/ethernet/chelsio/cxgb4/t4_hw.c
29 issues
Line: 239
Column: 11
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
*/
static void t4_record_mbox(struct adapter *adapter,
const __be64 *cmd, unsigned int size,
int access, int execute)
{
struct mbox_cmd_log *log = adapter->mbox_log;
struct mbox_cmd *entry;
int i;
Reported by FlawFinder.
Line: 255
Column: 18
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
entry->cmd[i++] = 0;
entry->timestamp = jiffies;
entry->seqno = log->seqno++;
entry->access = access;
entry->execute = execute;
}
/**
* t4_wr_mbox_meat_timeout - send a command to FW through the given mailbox
Reported by FlawFinder.
Line: 341
Column: 36
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
list_del(&entry.list);
spin_unlock_bh(&adap->mbox_lock);
ret = (pcie_fw & PCIE_FW_ERR_F) ? -ENXIO : -EBUSY;
t4_record_mbox(adap, cmd, size, access, ret);
return ret;
}
/* If we're at the head, break out and start the mailbox
* protocol.
Reported by FlawFinder.
Line: 374
Column: 35
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
list_del(&entry.list);
spin_unlock_bh(&adap->mbox_lock);
ret = (v == MBOX_OWNER_FW) ? -EBUSY : -ETIMEDOUT;
t4_record_mbox(adap, cmd, size, access, ret);
return ret;
}
/* Copy in the new mailbox command and send it on its way ... */
t4_record_mbox(adap, cmd, size, access, 0);
Reported by FlawFinder.
Line: 379
Column: 34
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
}
/* Copy in the new mailbox command and send it on its way ... */
t4_record_mbox(adap, cmd, size, access, 0);
for (i = 0; i < size; i += 8)
t4_write_reg64(adap, data_reg + i, be64_to_cpu(*p++));
t4_write_reg(adap, ctl_reg, MBMSGVALID_F | MBOWNER_V(MBOX_OWNER_FW));
t4_read_reg(adap, ctl_reg); /* flush write */
Reported by FlawFinder.
Line: 422
Column: 22
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
execute = i + ms;
t4_record_mbox(adap, cmd_rpl,
MBOX_LEN, access, execute);
spin_lock_bh(&adap->mbox_lock);
list_del(&entry.list);
spin_unlock_bh(&adap->mbox_lock);
return -FW_CMD_RETVAL_G((int)res);
}
Reported by FlawFinder.
Line: 431
Column: 34
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
}
ret = (pcie_fw & PCIE_FW_ERR_F) ? -ENXIO : -ETIMEDOUT;
t4_record_mbox(adap, cmd, size, access, ret);
dev_err(adap->pdev_dev, "command %#x in mailbox %d timed out\n",
*(const u8 *)cmd, mbox);
t4_report_fw_error(adap);
spin_lock_bh(&adap->mbox_lock);
list_del(&entry.list);
Reported by FlawFinder.
Line: 415
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
fw_asrt(adap, data_reg);
res = FW_CMD_RETVAL_V(EIO);
} else if (rpl) {
memcpy(rpl, cmd_rpl, size);
}
t4_write_reg(adap, ctl_reg, 0);
execute = i + ms;
Reported by FlawFinder.
Line: 578
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
union {
u32 word;
char byte[4];
} last;
unsigned char *bp;
int i;
if (dir == T4_MEMORY_READ) {
Reported by FlawFinder.
Line: 2820
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
FIND_VPD_KW(na, "NA");
#undef FIND_VPD_KW
memcpy(p->id, vpd + PCI_VPD_LRDT_TAG_SIZE, id_len);
strim(p->id);
memcpy(p->ec, vpd + ec, EC_LEN);
strim(p->ec);
i = pci_vpd_info_field_size(vpd + sn - PCI_VPD_INFO_FLD_HDR_SIZE);
memcpy(p->sn, vpd + sn, min(i, SERNUM_LEN));
Reported by FlawFinder.
drivers/usb/gadget/function/uvc_configfs.c
29 issues
Line: 157
Column: 11
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
opts = to_f_uvc_opts(opts_item); \
\
mutex_lock(&opts->lock); \
result = sprintf(page, "%u\n", le##bits##_to_cpu(ch->desc.aname));\
mutex_unlock(&opts->lock); \
\
mutex_unlock(su_mutex); \
return result; \
} \
Reported by FlawFinder.
Line: 277
Column: 11
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
pd = &opts->uvc_processing; \
\
mutex_lock(&opts->lock); \
result = sprintf(page, "%u\n", le##bits##_to_cpu(pd->aname)); \
mutex_unlock(&opts->lock); \
\
mutex_unlock(su_mutex); \
return result; \
} \
Reported by FlawFinder.
Line: 312
Column: 13
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
mutex_lock(&opts->lock);
for (result = 0, i = 0; i < pd->bControlSize; ++i) {
result += sprintf(pg, "%u\n", pd->bmControls[i]);
pg = page + result;
}
mutex_unlock(&opts->lock);
mutex_unlock(su_mutex);
Reported by FlawFinder.
Line: 381
Column: 11
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
cd = &opts->uvc_camera_terminal; \
\
mutex_lock(&opts->lock); \
result = sprintf(page, "%u\n", le##bits##_to_cpu(cd->aname)); \
mutex_unlock(&opts->lock); \
\
mutex_unlock(su_mutex); \
\
return result; \
Reported by FlawFinder.
Line: 424
Column: 13
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
mutex_lock(&opts->lock);
for (result = 0, i = 0; i < cd->bControlSize; ++i) {
result += sprintf(pg, "%u\n", cd->bmControls[i]);
pg = page + result;
}
mutex_unlock(&opts->lock);
mutex_unlock(su_mutex);
Reported by FlawFinder.
Line: 495
Column: 11
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
cd = &opts->uvc_output_terminal; \
\
mutex_lock(&opts->lock); \
result = sprintf(page, "%u\n", le##bits##_to_cpu(cd->aname)); \
mutex_unlock(&opts->lock); \
\
mutex_unlock(su_mutex); \
\
return result; \
Reported by FlawFinder.
Line: 731
Column: 12
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
opts = to_f_uvc_opts(opts_item);
mutex_lock(&opts->lock);
result += sprintf(page, "%u\n", opts->control_interface);
mutex_unlock(&opts->lock);
mutex_unlock(su_mutex);
return result;
Reported by FlawFinder.
Line: 804
Column: 11
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
opts = to_f_uvc_opts(opts_item);
mutex_lock(&opts->lock);
result = sprintf(pg, "0x");
pg += result;
for (i = 0; i < UVCG_STREAMING_CONTROL_SIZE; ++i) {
result += sprintf(pg, "%x\n", f->bmaControls[i]);
pg = page + result;
}
Reported by FlawFinder.
Line: 807
Column: 13
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
result = sprintf(pg, "0x");
pg += result;
for (i = 0; i < UVCG_STREAMING_CONTROL_SIZE; ++i) {
result += sprintf(pg, "%x\n", f->bmaControls[i]);
pg = page + result;
}
mutex_unlock(&opts->lock);
mutex_unlock(su_mutex);
Reported by FlawFinder.
Line: 993
Column: 11
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
opts = to_f_uvc_opts(opts_item); \
\
mutex_lock(&opts->lock); \
result = sprintf(page, "%u\n", le##bits##_to_cpu(sh->desc.aname));\
mutex_unlock(&opts->lock); \
\
mutex_unlock(su_mutex); \
return result; \
} \
Reported by FlawFinder.
net/core/net-sysfs.c
29 issues
Line: 773
CWE codes:
685
for (i = 0; i < map->len; i++)
cpumask_set_cpu(map->cpus[i], mask);
len = snprintf(buf, PAGE_SIZE, "%*pb\n", cpumask_pr_args(mask));
rcu_read_unlock();
free_cpumask_var(mask);
return len < PAGE_SIZE ? len : -EINVAL;
}
Reported by Cppcheck.
Line: 60
Column: 9
CWE codes:
134
Suggestion:
Make format string constant
#define NETDEVICE_SHOW(field, format_string) \
static ssize_t format_##field(const struct net_device *dev, char *buf) \
{ \
return sprintf(buf, format_string, dev->field); \
} \
static ssize_t field##_show(struct device *dev, \
struct device_attribute *attr, char *buf) \
{ \
return netdev_show(dev, attr, buf, format_##field); \
Reported by FlawFinder.
Line: 119
Column: 9
CWE codes:
134
Suggestion:
Make format string constant
{
struct net_device *ndev = to_net_dev(dev);
return sprintf(buf, fmt_dec, dev_get_iflink(ndev));
}
static DEVICE_ATTR_RO(iflink);
static ssize_t format_name_assign_type(const struct net_device *dev, char *buf)
{
Reported by FlawFinder.
Line: 125
Column: 9
CWE codes:
134
Suggestion:
Make format string constant
static ssize_t format_name_assign_type(const struct net_device *dev, char *buf)
{
return sprintf(buf, fmt_dec, dev->name_assign_type);
}
static ssize_t name_assign_type_show(struct device *dev,
struct device_attribute *attr,
char *buf)
Reported by FlawFinder.
Line: 187
Column: 10
CWE codes:
134
Suggestion:
Make format string constant
struct net_device *netdev = to_net_dev(dev);
if (netif_running(netdev))
return sprintf(buf, fmt_dec, !!netif_carrier_ok(netdev));
return -EINVAL;
}
static DEVICE_ATTR_RW(carrier);
Reported by FlawFinder.
Line: 206
Column: 10
CWE codes:
134
Suggestion:
Make format string constant
struct ethtool_link_ksettings cmd;
if (!__ethtool_get_link_ksettings(netdev, &cmd))
ret = sprintf(buf, fmt_dec, cmd.base.speed);
}
rtnl_unlock();
return ret;
}
static DEVICE_ATTR_RO(speed);
Reported by FlawFinder.
Line: 239
Column: 10
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
duplex = "unknown";
break;
}
ret = sprintf(buf, "%s\n", duplex);
}
}
rtnl_unlock();
return ret;
}
Reported by FlawFinder.
Line: 253
Column: 10
CWE codes:
134
Suggestion:
Make format string constant
struct net_device *netdev = to_net_dev(dev);
if (netif_running(netdev))
return sprintf(buf, fmt_dec, !!netif_testing(netdev));
return -EINVAL;
}
static DEVICE_ATTR_RO(testing);
Reported by FlawFinder.
Line: 265
Column: 10
CWE codes:
134
Suggestion:
Make format string constant
struct net_device *netdev = to_net_dev(dev);
if (netif_running(netdev))
return sprintf(buf, fmt_dec, !!netif_dormant(netdev));
return -EINVAL;
}
static DEVICE_ATTR_RO(dormant);
Reported by FlawFinder.
Line: 296
Column: 9
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
if (operstate >= ARRAY_SIZE(operstates))
return -EINVAL; /* should not happen */
return sprintf(buf, "%s\n", operstates[operstate]);
}
static DEVICE_ATTR_RO(operstate);
static ssize_t carrier_changes_show(struct device *dev,
struct device_attribute *attr,
Reported by FlawFinder.
drivers/gpu/drm/amd/pm/powerplay/hwmgr/vega10_hwmgr.c
29 issues
Line: 2507
result = smum_smc_table_manager(hwmgr, (uint8_t *)avfs_fuse_table,
AVFSFUSETABLE, false);
PP_ASSERT_WITH_CODE(!result,
"Failed to upload FuseOVerride!",
);
}
return result;
}
Reported by Cppcheck.
Line: 4557
Column: 10
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
return ret);
size += sprintf(buf + size, "Current ppfeatures: 0x%016llx\n", features_enabled);
size += sprintf(buf + size, "%-19s %-22s %s\n",
output_title[0],
output_title[1],
output_title[2]);
for (i = 0; i < GNLD_FEATURES_MAX; i++) {
size += sprintf(buf + size, "%-19s 0x%016llx %6s\n",
Reported by FlawFinder.
Line: 4562
Column: 11
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
output_title[1],
output_title[2]);
for (i = 0; i < GNLD_FEATURES_MAX; i++) {
size += sprintf(buf + size, "%-19s 0x%016llx %6s\n",
ppfeature_name[i],
1ULL << i,
(features_enabled & (1ULL << i)) ? "Y" : "N");
}
Reported by FlawFinder.
Line: 4653
Column: 12
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
else
count = sclk_table->count;
for (i = 0; i < count; i++)
size += sprintf(buf + size, "%d: %uMhz %s\n",
i, sclk_table->dpm_levels[i].value / 100,
(i == now) ? "*" : "");
break;
case PP_MCLK:
if (data->registry_data.mclk_dpm_key_disabled)
Reported by FlawFinder.
Line: 4664
Column: 12
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
smum_send_msg_to_smc(hwmgr, PPSMC_MSG_GetCurrentUclkIndex, &now);
for (i = 0; i < mclk_table->count; i++)
size += sprintf(buf + size, "%d: %uMhz %s\n",
i, mclk_table->dpm_levels[i].value / 100,
(i == now) ? "*" : "");
break;
case PP_SOCCLK:
if (data->registry_data.socclk_dpm_key_disabled)
Reported by FlawFinder.
Line: 4675
Column: 12
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
smum_send_msg_to_smc(hwmgr, PPSMC_MSG_GetCurrentSocclkIndex, &now);
for (i = 0; i < soc_table->count; i++)
size += sprintf(buf + size, "%d: %uMhz %s\n",
i, soc_table->dpm_levels[i].value / 100,
(i == now) ? "*" : "");
break;
case PP_DCEFCLK:
if (data->registry_data.dcefclk_dpm_key_disabled)
Reported by FlawFinder.
Line: 4687
Column: 12
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
PPSMC_MSG_GetClockFreqMHz, CLK_DCEFCLK, &now);
for (i = 0; i < dcef_table->count; i++)
size += sprintf(buf + size, "%d: %uMhz %s\n",
i, dcef_table->dpm_levels[i].value / 100,
(dcef_table->dpm_levels[i].value / 100 == now) ?
"*" : "");
break;
case PP_PCIE:
Reported by FlawFinder.
Line: 4701
Column: 12
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
gen_speed = pptable->PcieGenSpeed[i];
lane_width = pptable->PcieLaneCount[i];
size += sprintf(buf + size, "%d: %s %s %s\n", i,
(gen_speed == 0) ? "2.5GT/s," :
(gen_speed == 1) ? "5.0GT/s," :
(gen_speed == 2) ? "8.0GT/s," :
(gen_speed == 3) ? "16.0GT/s," : "",
(lane_width == 1) ? "x1" :
Reported by FlawFinder.
Line: 4720
Column: 11
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
case OD_SCLK:
if (hwmgr->od_enabled) {
size = sprintf(buf, "%s:\n", "OD_SCLK");
podn_vdd_dep = &data->odn_dpm_table.vdd_dep_on_sclk;
for (i = 0; i < podn_vdd_dep->count; i++)
size += sprintf(buf + size, "%d: %10uMhz %10umV\n",
i, podn_vdd_dep->entries[i].clk / 100,
podn_vdd_dep->entries[i].vddc);
Reported by FlawFinder.
Line: 4730
Column: 11
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
break;
case OD_MCLK:
if (hwmgr->od_enabled) {
size = sprintf(buf, "%s:\n", "OD_MCLK");
podn_vdd_dep = &data->odn_dpm_table.vdd_dep_on_mclk;
for (i = 0; i < podn_vdd_dep->count; i++)
size += sprintf(buf + size, "%d: %10uMhz %10umV\n",
i, podn_vdd_dep->entries[i].clk/100,
podn_vdd_dep->entries[i].vddc);
Reported by FlawFinder.
Documentation/sphinx/cdomain.py
29 issues
Line: 2
Column: 1
# -*- coding: utf-8; mode: python -*-
# pylint: disable=W0141,C0113,C0103,C0325
u"""
cdomain
~~~~~~~
Replacement for the sphinx c-domain.
:copyright: Copyright (C) 2016 Markus Heiser
Reported by Pylint.
Line: 35
Column: 1
"""
from docutils import nodes
from docutils.parsers.rst import directives
import sphinx
from sphinx import addnodes
from sphinx.domains.c import c_funcptr_sig_re, c_sig_re
Reported by Pylint.
Line: 36
Column: 1
"""
from docutils import nodes
from docutils.parsers.rst import directives
import sphinx
from sphinx import addnodes
from sphinx.domains.c import c_funcptr_sig_re, c_sig_re
from sphinx.domains.c import CObject as Base_CObject
Reported by Pylint.
Line: 38
Column: 1
from docutils import nodes
from docutils.parsers.rst import directives
import sphinx
from sphinx import addnodes
from sphinx.domains.c import c_funcptr_sig_re, c_sig_re
from sphinx.domains.c import CObject as Base_CObject
from sphinx.domains.c import CDomain as Base_CDomain
from itertools import chain
Reported by Pylint.
Line: 39
Column: 1
from docutils.parsers.rst import directives
import sphinx
from sphinx import addnodes
from sphinx.domains.c import c_funcptr_sig_re, c_sig_re
from sphinx.domains.c import CObject as Base_CObject
from sphinx.domains.c import CDomain as Base_CDomain
from itertools import chain
import re
Reported by Pylint.
Line: 40
Column: 1
import sphinx
from sphinx import addnodes
from sphinx.domains.c import c_funcptr_sig_re, c_sig_re
from sphinx.domains.c import CObject as Base_CObject
from sphinx.domains.c import CDomain as Base_CDomain
from itertools import chain
import re
Reported by Pylint.
Line: 41
Column: 1
import sphinx
from sphinx import addnodes
from sphinx.domains.c import c_funcptr_sig_re, c_sig_re
from sphinx.domains.c import CObject as Base_CObject
from sphinx.domains.c import CDomain as Base_CDomain
from itertools import chain
import re
__version__ = '1.1'
Reported by Pylint.
Line: 42
Column: 1
from sphinx import addnodes
from sphinx.domains.c import c_funcptr_sig_re, c_sig_re
from sphinx.domains.c import CObject as Base_CObject
from sphinx.domains.c import CDomain as Base_CDomain
from itertools import chain
import re
__version__ = '1.1'
Reported by Pylint.
Line: 61
Column: 5
RE_namespace = re.compile(r'^\s*..\s*c:namespace::\s*(\S+)\s*$')
def markup_namespace(match):
global namespace
namespace = match.group(1)
return ""
Reported by Pylint.
Line: 96
Column: 3
#
RE_expr = re.compile(r':c:(expr|texpr):`([^\`]+)`')
def markup_c_expr(match):
return '\ ``' + match.group(2) + '``\ '
#
# Parse Sphinx 3.x C markups, replacing them by backward-compatible ones
#
def c_markups(app, docname, source):
Reported by Pylint.
arch/s390/include/uapi/asm/vtoc.h
29 issues
Line: 43
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct vtoc_volume_label_cdl
{
char volkey[4]; /* volume key = volume label */
char vollbl[4]; /* volume label */
char volid[6]; /* volume identifier */
__u8 security; /* security byte */
struct vtoc_cchhb vtoc; /* VTOC address */
char res1[5]; /* reserved */
Reported by FlawFinder.
Line: 44
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct vtoc_volume_label_cdl
{
char volkey[4]; /* volume key = volume label */
char vollbl[4]; /* volume label */
char volid[6]; /* volume identifier */
__u8 security; /* security byte */
struct vtoc_cchhb vtoc; /* VTOC address */
char res1[5]; /* reserved */
char cisize[4]; /* CI-size for FBA,... */
Reported by FlawFinder.
Line: 45
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
char volkey[4]; /* volume key = volume label */
char vollbl[4]; /* volume label */
char volid[6]; /* volume identifier */
__u8 security; /* security byte */
struct vtoc_cchhb vtoc; /* VTOC address */
char res1[5]; /* reserved */
char cisize[4]; /* CI-size for FBA,... */
/* ...blanks for CKD */
Reported by FlawFinder.
Line: 48
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
char volid[6]; /* volume identifier */
__u8 security; /* security byte */
struct vtoc_cchhb vtoc; /* VTOC address */
char res1[5]; /* reserved */
char cisize[4]; /* CI-size for FBA,... */
/* ...blanks for CKD */
char blkperci[4]; /* no of blocks per CI (FBA), blanks for CKD */
char labperci[4]; /* no of labels per CI (FBA), blanks for CKD */
char res2[4]; /* reserved */
Reported by FlawFinder.
Line: 49
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
__u8 security; /* security byte */
struct vtoc_cchhb vtoc; /* VTOC address */
char res1[5]; /* reserved */
char cisize[4]; /* CI-size for FBA,... */
/* ...blanks for CKD */
char blkperci[4]; /* no of blocks per CI (FBA), blanks for CKD */
char labperci[4]; /* no of labels per CI (FBA), blanks for CKD */
char res2[4]; /* reserved */
char lvtoc[14]; /* owner code for LVTOC */
Reported by FlawFinder.
Line: 51
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
char res1[5]; /* reserved */
char cisize[4]; /* CI-size for FBA,... */
/* ...blanks for CKD */
char blkperci[4]; /* no of blocks per CI (FBA), blanks for CKD */
char labperci[4]; /* no of labels per CI (FBA), blanks for CKD */
char res2[4]; /* reserved */
char lvtoc[14]; /* owner code for LVTOC */
char res3[29]; /* reserved */
} __attribute__ ((packed));
Reported by FlawFinder.
Line: 52
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
char cisize[4]; /* CI-size for FBA,... */
/* ...blanks for CKD */
char blkperci[4]; /* no of blocks per CI (FBA), blanks for CKD */
char labperci[4]; /* no of labels per CI (FBA), blanks for CKD */
char res2[4]; /* reserved */
char lvtoc[14]; /* owner code for LVTOC */
char res3[29]; /* reserved */
} __attribute__ ((packed));
Reported by FlawFinder.
Line: 53
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/* ...blanks for CKD */
char blkperci[4]; /* no of blocks per CI (FBA), blanks for CKD */
char labperci[4]; /* no of labels per CI (FBA), blanks for CKD */
char res2[4]; /* reserved */
char lvtoc[14]; /* owner code for LVTOC */
char res3[29]; /* reserved */
} __attribute__ ((packed));
struct vtoc_volume_label_ldl {
Reported by FlawFinder.
Line: 54
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
char blkperci[4]; /* no of blocks per CI (FBA), blanks for CKD */
char labperci[4]; /* no of labels per CI (FBA), blanks for CKD */
char res2[4]; /* reserved */
char lvtoc[14]; /* owner code for LVTOC */
char res3[29]; /* reserved */
} __attribute__ ((packed));
struct vtoc_volume_label_ldl {
char vollbl[4]; /* volume label */
Reported by FlawFinder.
Line: 55
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
char labperci[4]; /* no of labels per CI (FBA), blanks for CKD */
char res2[4]; /* reserved */
char lvtoc[14]; /* owner code for LVTOC */
char res3[29]; /* reserved */
} __attribute__ ((packed));
struct vtoc_volume_label_ldl {
char vollbl[4]; /* volume label */
char volid[6]; /* volume identifier */
Reported by FlawFinder.
tools/perf/util/build-id.c
29 issues
Line: 210
Column: 8
CWE codes:
362
20
Suggestion:
Reconsider approach
if (!linkname)
return NULL;
len = readlink(linkname, buf, sizeof(buf) - 1);
if (len <= 0)
goto out;
buf[len] = '\0';
/* The link should be "../..<origpath>/<sbuild_id>" */
Reported by FlawFinder.
Line: 763
Column: 9
CWE codes:
362
20
Suggestion:
Reconsider approach
char path[PATH_MAX];
ssize_t len;
len = readlink(linkname, path, sizeof(path) - 1);
if (len <= 0) {
pr_err("Cant read link: %s\n", linkname);
goto out_free;
}
path[len] = '\0';
Reported by FlawFinder.
Line: 853
Column: 6
CWE codes:
362
20
Suggestion:
Reconsider approach
if (access(linkname, F_OK))
goto out_free;
if (readlink(linkname, filename, size - 1) < 0)
goto out_free;
if (unlink(linkname))
goto out_free;
Reported by FlawFinder.
Line: 158
Column: 9
CWE codes:
134
Suggestion:
Use a constant for the format specification
va_start(ap, fmt);
if (*strp)
ret = vsnprintf(*strp, size, fmt, ap);
else
ret = vasprintf(strp, fmt, ap);
va_end(ap);
return ret;
Reported by FlawFinder.
Line: 174
Column: 7
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
snprintf(bf, size, "%s/%s/%s/kallsyms",
buildid_dir, DSO__NAME_KALLSYMS, sbuild_id);
retry:
if (!access(bf, F_OK))
return bf;
if (retry_old) {
/* Try old style kallsyms cache */
snprintf(bf, size, "%s/%s/%s",
buildid_dir, DSO__NAME_KALLSYMS, sbuild_id);
Reported by FlawFinder.
Line: 652
Column: 18
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
nsinfo__mountns_enter(nsi, &nsc);
realname = realpath(debugfile, NULL);
if (realname && access(realname, R_OK))
zfree(&realname);
nsinfo__mountns_exit(&nsc);
#ifdef HAVE_DEBUGINFOD_SUPPORT
if (realname == NULL) {
Reported by FlawFinder.
Line: 705
Column: 6
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
goto out_free;
}
if (access(filename, F_OK)) {
if (is_kallsyms) {
if (copyfile("/proc/kallsyms", filename))
goto out_free;
} else if (nsi && nsi->need_setns) {
if (copyfile_ns(name, filename, nsi))
Reported by FlawFinder.
Line: 732
Column: 8
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
filename = NULL;
goto out_free;
}
if (access(filename, F_OK)) {
if (nsi && nsi->need_setns) {
if (copyfile_ns(debugfile, filename,
nsi))
goto out_free;
} else if (link(debugfile, filename) &&
Reported by FlawFinder.
Line: 750
Column: 6
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
tmp = strrchr(linkname, '/');
*tmp = '\0';
if (access(linkname, X_OK) && mkdir_p(linkname, 0755))
goto out_free;
*tmp = '/';
tmp = dir_name + strlen(buildid_dir) - 5;
memcpy(tmp, "../..", 5);
Reported by FlawFinder.
Line: 830
Column: 19
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
bool ret = false;
char *filename = build_id_cache__linkname(sbuild_id, NULL, 0);
if (filename && !access(filename, F_OK))
ret = true;
free(filename);
return ret;
}
Reported by FlawFinder.
drivers/net/ethernet/mellanox/mlx4/en_ethtool.c
29 issues
Line: 457
Column: 4
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
switch (stringset) {
case ETH_SS_TEST:
for (i = 0; i < MLX4_EN_NUM_SELF_TEST - 2; i++)
strcpy(data + i * ETH_GSTRING_LEN, mlx4_en_test_names[i]);
if (priv->mdev->dev->caps.flags & MLX4_DEV_CAP_FLAG_UC_LOOPBACK)
for (; i < MLX4_EN_NUM_SELF_TEST; i++)
strcpy(data + i * ETH_GSTRING_LEN, mlx4_en_test_names[i]);
break;
Reported by FlawFinder.
Line: 460
Column: 5
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
strcpy(data + i * ETH_GSTRING_LEN, mlx4_en_test_names[i]);
if (priv->mdev->dev->caps.flags & MLX4_DEV_CAP_FLAG_UC_LOOPBACK)
for (; i < MLX4_EN_NUM_SELF_TEST; i++)
strcpy(data + i * ETH_GSTRING_LEN, mlx4_en_test_names[i]);
break;
case ETH_SS_STATS:
/* Add main counters */
for (i = 0; i < NUM_MAIN_STATS; i++, strings++,
Reported by FlawFinder.
Line: 468
Column: 5
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
for (i = 0; i < NUM_MAIN_STATS; i++, strings++,
bitmap_iterator_inc(&it))
if (bitmap_iterator_test(&it))
strcpy(data + (index++) * ETH_GSTRING_LEN,
main_strings[strings]);
for (i = 0; i < NUM_PORT_STATS; i++, strings++,
bitmap_iterator_inc(&it))
if (bitmap_iterator_test(&it))
Reported by FlawFinder.
Line: 474
Column: 5
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
for (i = 0; i < NUM_PORT_STATS; i++, strings++,
bitmap_iterator_inc(&it))
if (bitmap_iterator_test(&it))
strcpy(data + (index++) * ETH_GSTRING_LEN,
main_strings[strings]);
for (i = 0; i < NUM_PF_STATS; i++, strings++,
bitmap_iterator_inc(&it))
if (bitmap_iterator_test(&it))
Reported by FlawFinder.
Line: 480
Column: 5
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
for (i = 0; i < NUM_PF_STATS; i++, strings++,
bitmap_iterator_inc(&it))
if (bitmap_iterator_test(&it))
strcpy(data + (index++) * ETH_GSTRING_LEN,
main_strings[strings]);
for (i = 0; i < NUM_FLOW_STATS; i++, strings++,
bitmap_iterator_inc(&it))
if (bitmap_iterator_test(&it))
Reported by FlawFinder.
Line: 486
Column: 5
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
for (i = 0; i < NUM_FLOW_STATS; i++, strings++,
bitmap_iterator_inc(&it))
if (bitmap_iterator_test(&it))
strcpy(data + (index++) * ETH_GSTRING_LEN,
main_strings[strings]);
for (i = 0; i < NUM_PKT_STATS; i++, strings++,
bitmap_iterator_inc(&it))
if (bitmap_iterator_test(&it))
Reported by FlawFinder.
Line: 492
Column: 5
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
for (i = 0; i < NUM_PKT_STATS; i++, strings++,
bitmap_iterator_inc(&it))
if (bitmap_iterator_test(&it))
strcpy(data + (index++) * ETH_GSTRING_LEN,
main_strings[strings]);
for (i = 0; i < NUM_XDP_STATS; i++, strings++,
bitmap_iterator_inc(&it))
if (bitmap_iterator_test(&it))
Reported by FlawFinder.
Line: 498
Column: 5
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
for (i = 0; i < NUM_XDP_STATS; i++, strings++,
bitmap_iterator_inc(&it))
if (bitmap_iterator_test(&it))
strcpy(data + (index++) * ETH_GSTRING_LEN,
main_strings[strings]);
for (i = 0; i < NUM_PHY_STATS; i++, strings++,
bitmap_iterator_inc(&it))
if (bitmap_iterator_test(&it))
Reported by FlawFinder.
Line: 504
Column: 5
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
for (i = 0; i < NUM_PHY_STATS; i++, strings++,
bitmap_iterator_inc(&it))
if (bitmap_iterator_test(&it))
strcpy(data + (index++) * ETH_GSTRING_LEN,
main_strings[strings]);
for (i = 0; i < priv->tx_ring_num[TX]; i++) {
sprintf(data + (index++) * ETH_GSTRING_LEN,
"tx%d_packets", i);
Reported by FlawFinder.
Line: 530
Column: 4
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
break;
case ETH_SS_PRIV_FLAGS:
for (i = 0; i < ARRAY_SIZE(mlx4_en_priv_flags); i++)
strcpy(data + i * ETH_GSTRING_LEN,
mlx4_en_priv_flags[i]);
break;
}
}
Reported by FlawFinder.
drivers/net/wireless/intel/iwlegacy/4965-rs.c
29 issues
Line: 2593
Column: 6
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
desc +=
sprintf(buff + desc, "fixed rate 0x%X\n", lq_sta->dbg_fixed_rate);
desc +=
sprintf(buff + desc, "valid_tx_ant %s%s%s\n",
(il->hw_params.valid_tx_ant & ANT_A) ? "ANT_A," : "",
(il->hw_params.valid_tx_ant & ANT_B) ? "ANT_B," : "",
(il->hw_params.valid_tx_ant & ANT_C) ? "ANT_C" : "");
desc +=
sprintf(buff + desc, "lq type %s\n",
Reported by FlawFinder.
Line: 2598
Column: 6
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
(il->hw_params.valid_tx_ant & ANT_B) ? "ANT_B," : "",
(il->hw_params.valid_tx_ant & ANT_C) ? "ANT_C" : "");
desc +=
sprintf(buff + desc, "lq type %s\n",
(is_legacy(tbl->lq_type)) ? "legacy" : "HT");
if (is_Ht(tbl->lq_type)) {
desc +=
sprintf(buff + desc, " %s",
(is_siso(tbl->lq_type)) ? "SISO" : "MIMO2");
Reported by FlawFinder.
Line: 2602
Column: 7
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
(is_legacy(tbl->lq_type)) ? "legacy" : "HT");
if (is_Ht(tbl->lq_type)) {
desc +=
sprintf(buff + desc, " %s",
(is_siso(tbl->lq_type)) ? "SISO" : "MIMO2");
desc +=
sprintf(buff + desc, " %s",
(tbl->is_ht40) ? "40MHz" : "20MHz");
desc +=
Reported by FlawFinder.
Line: 2605
Column: 7
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
sprintf(buff + desc, " %s",
(is_siso(tbl->lq_type)) ? "SISO" : "MIMO2");
desc +=
sprintf(buff + desc, " %s",
(tbl->is_ht40) ? "40MHz" : "20MHz");
desc +=
sprintf(buff + desc, " %s %s %s\n",
(tbl->is_SGI) ? "SGI" : "",
(lq_sta->is_green) ? "GF enabled" : "",
Reported by FlawFinder.
Line: 2608
Column: 7
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
sprintf(buff + desc, " %s",
(tbl->is_ht40) ? "40MHz" : "20MHz");
desc +=
sprintf(buff + desc, " %s %s %s\n",
(tbl->is_SGI) ? "SGI" : "",
(lq_sta->is_green) ? "GF enabled" : "",
(lq_sta->is_agg) ? "AGG on" : "");
}
desc +=
Reported by FlawFinder.
Line: 2647
Column: 8
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
rate_n_flags));
if (is_legacy(tbl->lq_type)) {
desc +=
sprintf(buff + desc, " rate[%d] 0x%X %smbps\n", i,
le32_to_cpu(lq_sta->lq.rs_table[i].
rate_n_flags),
il_rate_mcs[idx].mbps);
} else {
desc +=
Reported by FlawFinder.
Line: 2653
Column: 8
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
il_rate_mcs[idx].mbps);
} else {
desc +=
sprintf(buff + desc, " rate[%d] 0x%X %smbps (%s)\n",
i,
le32_to_cpu(lq_sta->lq.rs_table[i].
rate_n_flags),
il_rate_mcs[idx].mbps,
il_rate_mcs[idx].mcs);
Reported by FlawFinder.
Line: 2691
Column: 7
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
for (i = 0; i < LQ_SIZE; i++) {
desc +=
sprintf(buff + desc,
"%s type=%d SGI=%d HT40=%d DUP=%d GF=%d\n"
"rate=0x%X\n", lq_sta->active_tbl == i ? "*" : "x",
lq_sta->lq_info[i].lq_type,
lq_sta->lq_info[i].is_SGI,
lq_sta->lq_info[i].is_ht40,
Reported by FlawFinder.
Line: 1297
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
break;
/* Set up search table to try other antenna */
memcpy(search_tbl, tbl, sz);
if (il4965_rs_toggle_antenna
(valid_tx_ant, &search_tbl->current_rate,
search_tbl)) {
update_search_tbl_counter = 1;
Reported by FlawFinder.
Line: 1312
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
D_RATE("LQ: Legacy switch to SISO\n");
/* Set up search table to try SISO */
memcpy(search_tbl, tbl, sz);
search_tbl->is_SGI = 0;
ret =
il4965_rs_switch_to_siso(il, lq_sta, conf, sta,
search_tbl, idx);
if (!ret) {
Reported by FlawFinder.