The following issues were found
sound/soc/intel/boards/kbl_rt5663_max98927.c
6 issues
Line: 606
Column: 21
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
SND_SOC_DAILINK_DEF(dummy,
DAILINK_COMP_ARRAY(COMP_DUMMY()));
SND_SOC_DAILINK_DEF(system,
DAILINK_COMP_ARRAY(COMP_CPU("System Pin")));
SND_SOC_DAILINK_DEF(system2,
DAILINK_COMP_ARRAY(COMP_CPU("System Pin2")));
Reported by FlawFinder.
Line: 679
Column: 23
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
SND_SOC_DPCM_TRIGGER_POST, SND_SOC_DPCM_TRIGGER_POST},
.dpcm_playback = 1,
.ops = &kabylake_rt5663_fe_ops,
SND_SOC_DAILINK_REG(system, dummy, platform),
},
[KBL_DPCM_AUDIO_CP] = {
.name = "Kbl Audio Capture Port",
.stream_name = "Audio Record",
.dynamic = 1,
Reported by FlawFinder.
Line: 690
Column: 23
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
SND_SOC_DPCM_TRIGGER_POST, SND_SOC_DPCM_TRIGGER_POST},
.dpcm_capture = 1,
.ops = &kabylake_rt5663_fe_ops,
SND_SOC_DAILINK_REG(system, dummy, platform),
},
[KBL_DPCM_AUDIO_HS_PB] = {
.name = "Kbl Audio Headset Playback",
.stream_name = "Headset Audio",
.dpcm_playback = 1,
Reported by FlawFinder.
Line: 838
Column: 23
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
SND_SOC_DPCM_TRIGGER_POST, SND_SOC_DPCM_TRIGGER_POST},
.dpcm_playback = 1,
.ops = &kabylake_rt5663_fe_ops,
SND_SOC_DAILINK_REG(system, dummy, platform),
},
[KBL_DPCM_AUDIO_5663_CP] = {
.name = "Kbl Audio Capture Port",
.stream_name = "Audio Record",
.dynamic = 1,
Reported by FlawFinder.
Line: 849
Column: 23
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
SND_SOC_DPCM_TRIGGER_POST, SND_SOC_DPCM_TRIGGER_POST},
.dpcm_capture = 1,
.ops = &kabylake_rt5663_fe_ops,
SND_SOC_DAILINK_REG(system, dummy, platform),
},
[KBL_DPCM_AUDIO_5663_HDMI1_PB] = {
.name = "Kbl HDMI Port1",
.stream_name = "Hdmi1",
.dpcm_playback = 1,
Reported by FlawFinder.
Line: 915
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct kbl_hdmi_pcm *pcm;
struct snd_soc_component *component = NULL;
int err, i = 0;
char jack_name[NAME_SIZE];
list_for_each_entry(pcm, &ctx->hdmi_pcm_list, head) {
component = pcm->codec_dai->component;
snprintf(jack_name, sizeof(jack_name),
"HDMI/DP, pcm=%d Jack", pcm->device);
Reported by FlawFinder.
sound/soc/sof/trace.c
6 issues
Line: 145
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
msg->hdr.size = size;
msg->hdr.cmd = SOF_IPC_GLB_TRACE_MSG | SOF_IPC_TRACE_FILTER_UPDATE;
msg->elem_cnt = num_elems;
memcpy(&msg->elems[0], elems, num_elems * sizeof(*elems));
ret = pm_runtime_get_sync(sdev->dev);
if (ret < 0 && ret != -EACCES) {
pm_runtime_put_noidle(sdev->dev);
dev_err(sdev->dev, "error: enabling device failed: %d\n", ret);
Reported by FlawFinder.
Line: 37
Column: 12
CWE codes:
126
struct sof_ipc_trace_filter_elem *elem,
int capacity, int *counter)
{
int len = strlen(line);
int cnt = *counter;
uint32_t uuid_id;
int log_level;
int pipe_id;
int comp_id;
Reported by FlawFinder.
Line: 47
Column: 29
CWE codes:
120
20
int ret;
/* ignore empty content */
ret = sscanf(line, " %n", &read);
if (!ret && read == len)
return len;
ret = sscanf(line, " %d %x %d %d %n", &log_level, &uuid_id, &pipe_id, &comp_id, &read);
if (ret != TRACE_FILTER_ELEMENTS_PER_ENTRY || read != len) {
Reported by FlawFinder.
Line: 51
Column: 83
CWE codes:
120
20
if (!ret && read == len)
return len;
ret = sscanf(line, " %d %x %d %d %n", &log_level, &uuid_id, &pipe_id, &comp_id, &read);
if (ret != TRACE_FILTER_ELEMENTS_PER_ENTRY || read != len) {
dev_err(sdev->dev, "error: invalid trace filter entry '%s'\n", line);
return -EINVAL;
}
Reported by FlawFinder.
Line: 52
Column: 48
CWE codes:
120
20
return len;
ret = sscanf(line, " %d %x %d %d %n", &log_level, &uuid_id, &pipe_id, &comp_id, &read);
if (ret != TRACE_FILTER_ELEMENTS_PER_ENTRY || read != len) {
dev_err(sdev->dev, "error: invalid trace filter entry '%s'\n", line);
return -EINVAL;
}
if (uuid_id > 0) {
Reported by FlawFinder.
sound/pci/oxygen/oxygen_pcm.c
6 issues
Line: 178
Column: 44
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
chip->pcm_active |= 1 << channel;
if (channel == PCM_SPDIF) {
chip->spdif_pcm_bits = chip->spdif_bits;
chip->controls[CONTROL_SPDIF_PCM]->vd[0].access &=
~SNDRV_CTL_ELEM_ACCESS_INACTIVE;
snd_ctl_notify(chip->card, SNDRV_CTL_EVENT_MASK_VALUE |
SNDRV_CTL_EVENT_MASK_INFO,
&chip->controls[CONTROL_SPDIF_PCM]->id);
}
Reported by FlawFinder.
Line: 227
Column: 44
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
mutex_lock(&chip->mutex);
chip->pcm_active &= ~(1 << channel);
if (channel == PCM_SPDIF) {
chip->controls[CONTROL_SPDIF_PCM]->vd[0].access |=
SNDRV_CTL_ELEM_ACCESS_INACTIVE;
snd_ctl_notify(chip->card, SNDRV_CTL_EVENT_MASK_VALUE |
SNDRV_CTL_EVENT_MASK_INFO,
&chip->controls[CONTROL_SPDIF_PCM]->id);
}
Reported by FlawFinder.
Line: 758
Column: 3
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
snd_pcm_set_ops(pcm, SNDRV_PCM_STREAM_CAPTURE,
&oxygen_rec_b_ops);
pcm->private_data = chip;
strcpy(pcm->name, outs ? "Front Panel" : "Analog 2");
snd_pcm_set_managed_buffer_all(pcm, SNDRV_DMA_TYPE_DEV,
&chip->pci->dev,
DEFAULT_BUFFER_BYTES,
BUFFER_BYTES_MAX);
}
Reported by FlawFinder.
Line: 700
Column: 3
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
snd_pcm_set_ops(pcm, SNDRV_PCM_STREAM_CAPTURE,
&oxygen_rec_b_ops);
pcm->private_data = chip;
strcpy(pcm->name, "Multichannel");
if (outs)
snd_pcm_set_managed_buffer(pcm->streams[SNDRV_PCM_STREAM_PLAYBACK].substream,
SNDRV_DMA_TYPE_DEV,
&chip->pci->dev,
DEFAULT_BUFFER_BYTES_MULTICH,
Reported by FlawFinder.
Line: 728
Column: 3
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
snd_pcm_set_ops(pcm, SNDRV_PCM_STREAM_CAPTURE,
&oxygen_rec_c_ops);
pcm->private_data = chip;
strcpy(pcm->name, "Digital");
snd_pcm_set_managed_buffer_all(pcm, SNDRV_DMA_TYPE_DEV,
&chip->pci->dev,
DEFAULT_BUFFER_BYTES,
BUFFER_BYTES_MAX);
}
Reported by FlawFinder.
Line: 776
Column: 3
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
OXYGEN_REC_C_ROUTE_I2S_ADC_3,
OXYGEN_REC_C_ROUTE_MASK);
pcm->private_data = chip;
strcpy(pcm->name, "Analog 3");
snd_pcm_set_managed_buffer_all(pcm, SNDRV_DMA_TYPE_DEV,
&chip->pci->dev,
DEFAULT_BUFFER_BYTES,
BUFFER_BYTES_MAX);
}
Reported by FlawFinder.
net/sunrpc/auth_gss/gss_mech_switch.c
6 issues
Line: 55
Column: 3
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
new = kmalloc(strlen(name) + strlen(prefix) + 1, GFP_KERNEL);
if (new) {
strcpy(new, prefix);
strcat(new, name);
}
return new;
}
Reported by FlawFinder.
Line: 56
Column: 3
CWE codes:
120
Suggestion:
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused)
new = kmalloc(strlen(name) + strlen(prefix) + 1, GFP_KERNEL);
if (new) {
strcpy(new, prefix);
strcat(new, name);
}
return new;
}
static int
Reported by FlawFinder.
Line: 164
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct gss_api_mech *gss_mech_get_by_OID(struct rpcsec_gss_oid *obj)
{
struct gss_api_mech *pos, *gm = NULL;
char buf[32];
if (sprint_oid(obj->data, obj->len, buf, sizeof(buf)) < 0)
return NULL;
request_module("rpc-auth-gss-%s", buf);
Reported by FlawFinder.
Line: 292
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
for (i = 0; i < gm->gm_pf_num; i++) {
if (gm->gm_pfs[i].pseudoflavor == pseudoflavor) {
memcpy(info->oid.data, gm->gm_oid.data, gm->gm_oid.len);
info->oid.len = gm->gm_oid.len;
info->qop = gm->gm_pfs[i].qop;
info->service = gm->gm_pfs[i].service;
gss_mech_put(gm);
return 0;
Reported by FlawFinder.
Line: 53
Column: 16
CWE codes:
126
static char *prefix = "gss/";
char *new;
new = kmalloc(strlen(name) + strlen(prefix) + 1, GFP_KERNEL);
if (new) {
strcpy(new, prefix);
strcat(new, name);
}
return new;
Reported by FlawFinder.
Line: 53
Column: 31
CWE codes:
126
static char *prefix = "gss/";
char *new;
new = kmalloc(strlen(name) + strlen(prefix) + 1, GFP_KERNEL);
if (new) {
strcpy(new, prefix);
strcat(new, name);
}
return new;
Reported by FlawFinder.
net/sunrpc/auth_gss/gss_krb5_keys.c
6 issues
Line: 190
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* initialize the input block */
if (in_constant->len == inblock.len) {
memcpy(inblock.data, in_constant->data, inblock.len);
} else {
krb5_nfold(in_constant->len * 8, in_constant->data,
inblock.len * 8, inblock.data);
}
Reported by FlawFinder.
Line: 204
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
outblock.data, inblock.len);
if ((keybytes - n) <= outblock.len) {
memcpy(rawkey + n, outblock.data, (keybytes - n));
break;
}
memcpy(rawkey + n, outblock.data, outblock.len);
memcpy(inblock.data, outblock.data, outblock.len);
Reported by FlawFinder.
Line: 208
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
break;
}
memcpy(rawkey + n, outblock.data, outblock.len);
memcpy(inblock.data, outblock.data, outblock.len);
n += outblock.len;
}
/* postprocess the key */
Reported by FlawFinder.
Line: 209
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
memcpy(rawkey + n, outblock.data, outblock.len);
memcpy(inblock.data, outblock.data, outblock.len);
n += outblock.len;
}
/* postprocess the key */
Reported by FlawFinder.
Line: 279
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
8 key bytes, then compute the parity bits. Do this three times. */
for (i = 0; i < 3; i++) {
memcpy(key->data + i*8, randombits->data + i*7, 7);
key->data[i*8+7] = (((key->data[i*8]&1)<<1) |
((key->data[i*8+1]&1)<<2) |
((key->data[i*8+2]&1)<<3) |
((key->data[i*8+3]&1)<<4) |
((key->data[i*8+4]&1)<<5) |
Reported by FlawFinder.
Line: 318
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
__func__, randombits->len, key->len);
goto err_out;
}
memcpy(key->data, randombits->data, key->len);
ret = 0;
err_out:
return ret;
}
Reported by FlawFinder.
scripts/dtc/libfdt/fdt_sw.c
6 issues
Line: 232
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return -FDT_ERR_NOSPACE;
nh->tag = cpu_to_fdt32(FDT_BEGIN_NODE);
memcpy(nh->name, name, namelen);
return 0;
}
int fdt_end_node(void *fdt)
{
Reported by FlawFinder.
Line: 262
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (fdt_totalsize(fdt) - offset < struct_top)
return 0; /* no more room :( */
memcpy(strtab - offset, s, len);
fdt_set_size_dt_strings(fdt, strtabsize + len);
return -offset;
}
/* Must only be used to roll back in case of error */
Reported by FlawFinder.
Line: 333
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
ret = fdt_property_placeholder(fdt, name, len, &ptr);
if (ret)
return ret;
memcpy(ptr, val, len);
return 0;
}
int fdt_finish(void *fdt)
{
Reported by FlawFinder.
Line: 226
Column: 12
CWE codes:
126
FDT_SW_PROBE_STRUCT(fdt);
namelen = strlen(name) + 1;
nh = fdt_grab_space_(fdt, sizeof(*nh) + FDT_TAGALIGN(namelen));
if (! nh)
return -FDT_ERR_NOSPACE;
nh->tag = cpu_to_fdt32(FDT_BEGIN_NODE);
Reported by FlawFinder.
Line: 254
Column: 21
CWE codes:
126
{
char *strtab = (char *)fdt + fdt_totalsize(fdt);
unsigned int strtabsize = fdt_size_dt_strings(fdt);
unsigned int len = strlen(s) + 1;
unsigned int struct_top, offset;
offset = strtabsize + len;
struct_top = fdt_off_dt_struct(fdt) + fdt_size_dt_struct(fdt);
if (fdt_totalsize(fdt) - offset < struct_top)
Reported by FlawFinder.
Line: 271
Column: 12
CWE codes:
126
static void fdt_del_last_string_(void *fdt, const char *s)
{
int strtabsize = fdt_size_dt_strings(fdt);
int len = strlen(s) + 1;
fdt_set_size_dt_strings(fdt, strtabsize - len);
}
static int fdt_find_add_string_(void *fdt, const char *s, int *allocated)
Reported by FlawFinder.
net/smc/smc_ib.c
6 issues
Line: 73
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
rdma_ah_set_port_num(&qp_attr.ah_attr, lnk->ibport);
rdma_ah_set_grh(&qp_attr.ah_attr, NULL, 0, lnk->sgid_index, 1, 0);
rdma_ah_set_dgid_raw(&qp_attr.ah_attr, lnk->peer_gid);
memcpy(&qp_attr.ah_attr.roce.dmac, lnk->peer_mac,
sizeof(lnk->peer_mac));
qp_attr.dest_qp_num = lnk->peer_qpn;
qp_attr.rq_psn = lnk->peer_psn; /* starting receive packet seq # */
qp_attr.max_dest_rd_atomic = 1; /* max # of resources for incoming
* requests
Reported by FlawFinder.
Line: 167
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
static inline void smc_ib_define_local_systemid(struct smc_ib_device *smcibdev,
u8 ibport)
{
memcpy(&local_systemid[2], &smcibdev->mac[ibport - 1],
sizeof(smcibdev->mac[ibport - 1]));
}
bool smc_ib_is_valid_local_systemid(void)
{
Reported by FlawFinder.
Line: 208
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
attr->gid_type == IB_GID_TYPE_ROCE) {
rcu_read_unlock();
if (gid)
memcpy(gid, &attr->gid, SMC_GID_SIZE);
if (sgid_index)
*sgid_index = attr->index;
rdma_put_gid_attr(attr);
return 0;
}
Reported by FlawFinder.
Line: 362
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct smc_ib_device *smcibdev,
int port)
{
char smc_pnet[SMC_MAX_PNETID_LEN + 1];
struct nlattr *port_attrs;
unsigned char port_state;
int lnk_count = 0;
port_attrs = nla_nest_start(skb, SMC_NLA_DEV_PORT + port);
Reported by FlawFinder.
Line: 374
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (nla_put_u8(skb, SMC_NLA_DEV_PORT_PNET_USR,
smcibdev->pnetid_by_user[port]))
goto errattr;
memcpy(smc_pnet, &smcibdev->pnetid[port], SMC_MAX_PNETID_LEN);
smc_pnet[SMC_MAX_PNETID_LEN] = 0;
if (nla_put_string(skb, SMC_NLA_DEV_PORT_PNETID, smc_pnet))
goto errattr;
if (nla_put_u32(skb, SMC_NLA_DEV_PORT_NETDEV,
smcibdev->ndev_ifidx[port]))
Reported by FlawFinder.
Line: 417
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct sk_buff *skb,
struct netlink_callback *cb)
{
char smc_ibname[IB_DEVICE_NAME_MAX];
struct smc_pci_dev smc_pci_dev;
struct pci_dev *pci_dev;
unsigned char is_crit;
struct nlattr *attrs;
void *nlh;
Reported by FlawFinder.
sound/pci/trident/trident.c
6 issues
Line: 94
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
default:
str = "Unknown";
}
strcpy(card->driver, str);
if (trident->device == TRIDENT_DEVICE_ID_SI7018) {
strcpy(card->shortname, "SiS ");
} else {
strcpy(card->shortname, "Trident ");
}
Reported by FlawFinder.
Line: 100
Column: 2
CWE codes:
120
Suggestion:
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused)
} else {
strcpy(card->shortname, "Trident ");
}
strcat(card->shortname, str);
sprintf(card->longname, "%s PCI Audio at 0x%lx, irq %d",
card->shortname, trident->port, trident->irq);
err = snd_trident_pcm(trident, pcm_dev++);
if (err < 0) {
Reported by FlawFinder.
Line: 101
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
strcpy(card->shortname, "Trident ");
}
strcat(card->shortname, str);
sprintf(card->longname, "%s PCI Audio at 0x%lx, irq %d",
card->shortname, trident->port, trident->irq);
err = snd_trident_pcm(trident, pcm_dev++);
if (err < 0) {
snd_card_free(card);
Reported by FlawFinder.
Line: 22
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
MODULE_LICENSE("GPL");
static int index[SNDRV_CARDS] = SNDRV_DEFAULT_IDX; /* Index 0-MAX */
static char *id[SNDRV_CARDS] = SNDRV_DEFAULT_STR; /* ID for this card */
static bool enable[SNDRV_CARDS] = SNDRV_DEFAULT_ENABLE_PNP; /* Enable this card */
static int pcm_channels[SNDRV_CARDS] = {[0 ... (SNDRV_CARDS - 1)] = 32};
static int wavetable_size[SNDRV_CARDS] = {[0 ... (SNDRV_CARDS - 1)] = 8192};
module_param_array(index, int, NULL, 0444);
Reported by FlawFinder.
Line: 96
Column: 3
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
}
strcpy(card->driver, str);
if (trident->device == TRIDENT_DEVICE_ID_SI7018) {
strcpy(card->shortname, "SiS ");
} else {
strcpy(card->shortname, "Trident ");
}
strcat(card->shortname, str);
sprintf(card->longname, "%s PCI Audio at 0x%lx, irq %d",
Reported by FlawFinder.
Line: 98
Column: 3
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
if (trident->device == TRIDENT_DEVICE_ID_SI7018) {
strcpy(card->shortname, "SiS ");
} else {
strcpy(card->shortname, "Trident ");
}
strcat(card->shortname, str);
sprintf(card->longname, "%s PCI Audio at 0x%lx, irq %d",
card->shortname, trident->port, trident->irq);
Reported by FlawFinder.
scripts/mod/modpost.h
6 issues
Line: 107
Column: 28
CWE codes:
134
Suggestion:
Use a constant for the format specification
int size;
};
void __attribute__((format(printf, 2, 3)))
buf_printf(struct buffer *buf, const char *fmt, ...);
void
buf_write(struct buffer *buf, const char *s, int len);
Reported by FlawFinder.
Line: 128
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int has_init;
int has_cleanup;
struct buffer dev_table_buf;
char srcversion[25];
// Missing namespace dependencies
struct namespace_list *missing_namespaces;
// Actual imported namespaces
struct namespace_list *imported_namespaces;
char name[];
Reported by FlawFinder.
Line: 183
Column: 6
CWE codes:
126
static inline bool strends(const char *str, const char *postfix)
{
if (strlen(str) < strlen(postfix))
return false;
return strcmp(str + strlen(str) - strlen(postfix), postfix) == 0;
}
Reported by FlawFinder.
Line: 183
Column: 20
CWE codes:
126
static inline bool strends(const char *str, const char *postfix)
{
if (strlen(str) < strlen(postfix))
return false;
return strcmp(str + strlen(str) - strlen(postfix), postfix) == 0;
}
Reported by FlawFinder.
Line: 186
Column: 36
CWE codes:
126
if (strlen(str) < strlen(postfix))
return false;
return strcmp(str + strlen(str) - strlen(postfix), postfix) == 0;
}
/* file2alias.c */
extern unsigned int cross_build;
void handle_moddevtable(struct module *mod, struct elf_info *info,
Reported by FlawFinder.
Line: 186
Column: 22
CWE codes:
126
if (strlen(str) < strlen(postfix))
return false;
return strcmp(str + strlen(str) - strlen(postfix), postfix) == 0;
}
/* file2alias.c */
extern unsigned int cross_build;
void handle_moddevtable(struct module *mod, struct elf_info *info,
Reported by FlawFinder.
sound/firewire/oxfw/oxfw.c
6 issues
Line: 106
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
m = model;
}
strcpy(oxfw->card->driver, d);
strcpy(oxfw->card->mixername, m);
strcpy(oxfw->card->shortname, m);
snprintf(oxfw->card->longname, sizeof(oxfw->card->longname),
"%s %s (OXFW%x %04x), GUID %08x%08x at %s, S%d",
Reported by FlawFinder.
Line: 107
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
}
strcpy(oxfw->card->driver, d);
strcpy(oxfw->card->mixername, m);
strcpy(oxfw->card->shortname, m);
snprintf(oxfw->card->longname, sizeof(oxfw->card->longname),
"%s %s (OXFW%x %04x), GUID %08x%08x at %s, S%d",
v, m, firmware >> 20, firmware & 0xffff,
Reported by FlawFinder.
Line: 108
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
strcpy(oxfw->card->driver, d);
strcpy(oxfw->card->mixername, m);
strcpy(oxfw->card->shortname, m);
snprintf(oxfw->card->longname, sizeof(oxfw->card->longname),
"%s %s (OXFW%x %04x), GUID %08x%08x at %s, S%d",
v, m, firmware >> 20, firmware & 0xffff,
fw_dev->config_rom[3], fw_dev->config_rom[4],
Reported by FlawFinder.
Line: 52
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
"Onyx 1640i",
"d.Pro",
"U.420"};
char model[32];
int err;
err = fw_csr_string(unit->directory, CSR_MODEL,
model, sizeof(model));
if (err < 0)
Reported by FlawFinder.
Line: 67
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
struct fw_device *fw_dev = fw_parent_device(oxfw->unit);
const struct compat_info *info;
char vendor[24];
char model[32];
const char *d, *v, *m;
u32 firmware;
int err;
Reported by FlawFinder.
Line: 68
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct fw_device *fw_dev = fw_parent_device(oxfw->unit);
const struct compat_info *info;
char vendor[24];
char model[32];
const char *d, *v, *m;
u32 firmware;
int err;
/* get vendor name from root directory */
Reported by FlawFinder.