The following issues were found
drivers/infiniband/hw/hns/hns_roce_hw_v2.c
27 issues
Line: 108
Column: 44
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
u64 pbl_ba;
/* use ib_access_flags */
hr_reg_write_bool(fseg, FRMR_BIND_EN, wr->access & IB_ACCESS_MW_BIND);
hr_reg_write_bool(fseg, FRMR_ATOMIC,
wr->access & IB_ACCESS_REMOTE_ATOMIC);
hr_reg_write_bool(fseg, FRMR_RR, wr->access & IB_ACCESS_REMOTE_READ);
hr_reg_write_bool(fseg, FRMR_RW, wr->access & IB_ACCESS_REMOTE_WRITE);
hr_reg_write_bool(fseg, FRMR_LW, wr->access & IB_ACCESS_LOCAL_WRITE);
Reported by FlawFinder.
Line: 110
Column: 10
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
/* use ib_access_flags */
hr_reg_write_bool(fseg, FRMR_BIND_EN, wr->access & IB_ACCESS_MW_BIND);
hr_reg_write_bool(fseg, FRMR_ATOMIC,
wr->access & IB_ACCESS_REMOTE_ATOMIC);
hr_reg_write_bool(fseg, FRMR_RR, wr->access & IB_ACCESS_REMOTE_READ);
hr_reg_write_bool(fseg, FRMR_RW, wr->access & IB_ACCESS_REMOTE_WRITE);
hr_reg_write_bool(fseg, FRMR_LW, wr->access & IB_ACCESS_LOCAL_WRITE);
/* Data structure reuse may lead to confusion */
Reported by FlawFinder.
Line: 111
Column: 39
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
hr_reg_write_bool(fseg, FRMR_BIND_EN, wr->access & IB_ACCESS_MW_BIND);
hr_reg_write_bool(fseg, FRMR_ATOMIC,
wr->access & IB_ACCESS_REMOTE_ATOMIC);
hr_reg_write_bool(fseg, FRMR_RR, wr->access & IB_ACCESS_REMOTE_READ);
hr_reg_write_bool(fseg, FRMR_RW, wr->access & IB_ACCESS_REMOTE_WRITE);
hr_reg_write_bool(fseg, FRMR_LW, wr->access & IB_ACCESS_LOCAL_WRITE);
/* Data structure reuse may lead to confusion */
pbl_ba = mr->pbl_mtr.hem_cfg.root_ba;
Reported by FlawFinder.
Line: 112
Column: 39
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
hr_reg_write_bool(fseg, FRMR_ATOMIC,
wr->access & IB_ACCESS_REMOTE_ATOMIC);
hr_reg_write_bool(fseg, FRMR_RR, wr->access & IB_ACCESS_REMOTE_READ);
hr_reg_write_bool(fseg, FRMR_RW, wr->access & IB_ACCESS_REMOTE_WRITE);
hr_reg_write_bool(fseg, FRMR_LW, wr->access & IB_ACCESS_LOCAL_WRITE);
/* Data structure reuse may lead to confusion */
pbl_ba = mr->pbl_mtr.hem_cfg.root_ba;
rc_sq_wqe->msg_len = cpu_to_le32(lower_32_bits(pbl_ba));
Reported by FlawFinder.
Line: 113
Column: 39
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
wr->access & IB_ACCESS_REMOTE_ATOMIC);
hr_reg_write_bool(fseg, FRMR_RR, wr->access & IB_ACCESS_REMOTE_READ);
hr_reg_write_bool(fseg, FRMR_RW, wr->access & IB_ACCESS_REMOTE_WRITE);
hr_reg_write_bool(fseg, FRMR_LW, wr->access & IB_ACCESS_LOCAL_WRITE);
/* Data structure reuse may lead to confusion */
pbl_ba = mr->pbl_mtr.hem_cfg.root_ba;
rc_sq_wqe->msg_len = cpu_to_le32(lower_32_bits(pbl_ba));
rc_sq_wqe->inv_key = cpu_to_le32(upper_32_bits(pbl_ba));
Reported by FlawFinder.
Line: 3080
Column: 10
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
hr_reg_enable(mpt_entry, MPT_L_INV_EN);
hr_reg_write_bool(mpt_entry, MPT_BIND_EN,
mr->access & IB_ACCESS_MW_BIND);
hr_reg_write_bool(mpt_entry, MPT_ATOMIC_EN,
mr->access & IB_ACCESS_REMOTE_ATOMIC);
hr_reg_write_bool(mpt_entry, MPT_RR_EN,
mr->access & IB_ACCESS_REMOTE_READ);
hr_reg_write_bool(mpt_entry, MPT_RW_EN,
Reported by FlawFinder.
Line: 3082
Column: 10
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
hr_reg_write_bool(mpt_entry, MPT_BIND_EN,
mr->access & IB_ACCESS_MW_BIND);
hr_reg_write_bool(mpt_entry, MPT_ATOMIC_EN,
mr->access & IB_ACCESS_REMOTE_ATOMIC);
hr_reg_write_bool(mpt_entry, MPT_RR_EN,
mr->access & IB_ACCESS_REMOTE_READ);
hr_reg_write_bool(mpt_entry, MPT_RW_EN,
mr->access & IB_ACCESS_REMOTE_WRITE);
hr_reg_write_bool(mpt_entry, MPT_LW_EN,
Reported by FlawFinder.
Line: 3084
Column: 10
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
hr_reg_write_bool(mpt_entry, MPT_ATOMIC_EN,
mr->access & IB_ACCESS_REMOTE_ATOMIC);
hr_reg_write_bool(mpt_entry, MPT_RR_EN,
mr->access & IB_ACCESS_REMOTE_READ);
hr_reg_write_bool(mpt_entry, MPT_RW_EN,
mr->access & IB_ACCESS_REMOTE_WRITE);
hr_reg_write_bool(mpt_entry, MPT_LW_EN,
mr->access & IB_ACCESS_LOCAL_WRITE);
Reported by FlawFinder.
Line: 3086
Column: 10
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
hr_reg_write_bool(mpt_entry, MPT_RR_EN,
mr->access & IB_ACCESS_REMOTE_READ);
hr_reg_write_bool(mpt_entry, MPT_RW_EN,
mr->access & IB_ACCESS_REMOTE_WRITE);
hr_reg_write_bool(mpt_entry, MPT_LW_EN,
mr->access & IB_ACCESS_LOCAL_WRITE);
mpt_entry->len_l = cpu_to_le32(lower_32_bits(mr->size));
mpt_entry->len_h = cpu_to_le32(upper_32_bits(mr->size));
Reported by FlawFinder.
Line: 3088
Column: 10
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
hr_reg_write_bool(mpt_entry, MPT_RW_EN,
mr->access & IB_ACCESS_REMOTE_WRITE);
hr_reg_write_bool(mpt_entry, MPT_LW_EN,
mr->access & IB_ACCESS_LOCAL_WRITE);
mpt_entry->len_l = cpu_to_le32(lower_32_bits(mr->size));
mpt_entry->len_h = cpu_to_le32(upper_32_bits(mr->size));
mpt_entry->lkey = cpu_to_le32(mr->key);
mpt_entry->va_l = cpu_to_le32(lower_32_bits(mr->iova));
Reported by FlawFinder.
drivers/net/wireless/broadcom/brcm80211/brcmsmac/main.c
27 issues
Line: 319
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static const char * const fifo_names[] = {
"AC_BK", "AC_BE", "AC_VI", "AC_VO", "BCMC", "ATIM" };
#else
static const char fifo_names[6][1];
#endif
#ifdef DEBUG
/* pointer to most recently allocated wl/wlc */
static struct brcms_c_info *wlc_info_dbg = (struct brcms_c_info *) (NULL);
Reported by FlawFinder.
Line: 1107
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static bool brcms_b_attach_dmapio(struct brcms_c_info *wlc, uint j, bool wme)
{
uint i;
char name[8];
/*
* ucode host flag 2 needed for pio mode, independent of band and fifo
*/
u16 pio_mhf2 = 0;
struct brcms_hardware *wlc_hw = wlc->hw;
Reported by FlawFinder.
Line: 1537
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
be_bit = (bcma_read32(core, D11REGOFFS(maccontrol)) & MCTL_BIGEND) != 0;
while (len > 0) {
memcpy(&word, buf, sizeof(u32));
if (be_bit) {
word_be = cpu_to_be32(word);
word = *(u32 *)&word_be;
} else {
Reported by FlawFinder.
Line: 1897
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* If macaddr exists, use it (Sromrev4, CIS, ...). */
if (!is_zero_ether_addr(sprom->il0mac)) {
memcpy(etheraddr, sprom->il0mac, ETH_ALEN);
return;
}
if (wlc_hw->_nbands > 1)
memcpy(etheraddr, sprom->et1mac, ETH_ALEN);
Reported by FlawFinder.
Line: 1902
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
if (wlc_hw->_nbands > 1)
memcpy(etheraddr, sprom->et1mac, ETH_ALEN);
else
memcpy(etheraddr, sprom->il0mac, ETH_ALEN);
}
/* power both the pll and external oscillator on/off */
Reported by FlawFinder.
Line: 1904
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (wlc_hw->_nbands > 1)
memcpy(etheraddr, sprom->et1mac, ETH_ALEN);
else
memcpy(etheraddr, sprom->il0mac, ETH_ALEN);
}
/* power both the pll and external oscillator on/off */
static void brcms_b_xtal(struct brcms_hardware *wlc_hw, bool want)
{
Reported by FlawFinder.
Line: 3787
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
u8 len = min_t(u8, sizeof(wlc->bsscfg->SSID), ssid_len);
memset(wlc->bsscfg->SSID, 0, sizeof(wlc->bsscfg->SSID));
memcpy(wlc->bsscfg->SSID, ssid, len);
wlc->bsscfg->SSID_len = len;
}
static void brcms_b_set_shortslot(struct brcms_hardware *wlc_hw, bool shortslot)
{
Reported by FlawFinder.
Line: 5321
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
brcms_c_rateset_mcs_build(&wlc->default_bss->rateset,
wlc->stf->txstreams);
for (i = 0; i < wlc->pub->_nbands; i++)
memcpy(wlc->bandstate[i]->hw_rateset.mcs,
wlc->default_bss->rateset.mcs, MCSSET_LEN);
return 0;
}
Reported by FlawFinder.
Line: 5334
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
struct brcms_c_rateset rs, new;
uint bandunit;
memcpy(&rs, rs_arg, sizeof(struct brcms_c_rateset));
/* check for bad count value */
if ((rs.count == 0) || (rs.count > BRCMS_NUMRATES))
return -EINVAL;
Reported by FlawFinder.
Line: 5342
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* try the current band */
bandunit = wlc->band->bandunit;
memcpy(&new, &rs, sizeof(struct brcms_c_rateset));
if (brcms_c_rate_hwrs_filter_sort_validate
(&new, &wlc->bandstate[bandunit]->hw_rateset, true,
wlc->stf->txstreams))
goto good;
Reported by FlawFinder.
arch/parisc/math-emu/float.h
27 issues
Line: 26
*/
#ifdef __NO_PA_HDRS
PA header file -- do not include this header file for non-PA builds.
#endif
#include "fpbits.h"
#include "hppa.h"
/*
Reported by Cppcheck.
Line: 26
*/
#ifdef __NO_PA_HDRS
PA header file -- do not include this header file for non-PA builds.
#endif
#include "fpbits.h"
#include "hppa.h"
/*
Reported by Cppcheck.
Line: 26
*/
#ifdef __NO_PA_HDRS
PA header file -- do not include this header file for non-PA builds.
#endif
#include "fpbits.h"
#include "hppa.h"
/*
Reported by Cppcheck.
Line: 26
*/
#ifdef __NO_PA_HDRS
PA header file -- do not include this header file for non-PA builds.
#endif
#include "fpbits.h"
#include "hppa.h"
/*
Reported by Cppcheck.
Line: 26
*/
#ifdef __NO_PA_HDRS
PA header file -- do not include this header file for non-PA builds.
#endif
#include "fpbits.h"
#include "hppa.h"
/*
Reported by Cppcheck.
Line: 26
*/
#ifdef __NO_PA_HDRS
PA header file -- do not include this header file for non-PA builds.
#endif
#include "fpbits.h"
#include "hppa.h"
/*
Reported by Cppcheck.
Line: 26
*/
#ifdef __NO_PA_HDRS
PA header file -- do not include this header file for non-PA builds.
#endif
#include "fpbits.h"
#include "hppa.h"
/*
Reported by Cppcheck.
Line: 26
*/
#ifdef __NO_PA_HDRS
PA header file -- do not include this header file for non-PA builds.
#endif
#include "fpbits.h"
#include "hppa.h"
/*
Reported by Cppcheck.
Line: 26
*/
#ifdef __NO_PA_HDRS
PA header file -- do not include this header file for non-PA builds.
#endif
#include "fpbits.h"
#include "hppa.h"
/*
Reported by Cppcheck.
Line: 26
*/
#ifdef __NO_PA_HDRS
PA header file -- do not include this header file for non-PA builds.
#endif
#include "fpbits.h"
#include "hppa.h"
/*
Reported by Cppcheck.
arch/s390/include/asm/diag.h
27 issues
Line: 126
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
__u16 this_part;
__u64 curtod1;
__u64 curtod2;
char reserved[40];
} __packed;
struct diag204_part_hdr {
__u8 pn;
__u8 cpus;
Reported by FlawFinder.
Line: 132
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct diag204_part_hdr {
__u8 pn;
__u8 cpus;
char reserved[6];
char part_name[DIAG204_LPAR_NAME_LEN];
} __packed;
struct diag204_x_part_hdr {
__u8 pn;
Reported by FlawFinder.
Line: 133
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
__u8 pn;
__u8 cpus;
char reserved[6];
char part_name[DIAG204_LPAR_NAME_LEN];
} __packed;
struct diag204_x_part_hdr {
__u8 pn;
__u8 cpus;
Reported by FlawFinder.
Line: 142
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
__u8 rcpus;
__u8 pflag;
__u32 mlu;
char part_name[DIAG204_LPAR_NAME_LEN];
char lpc_name[8];
char os_name[8];
__u64 online_cs;
__u64 online_es;
__u8 upid;
Reported by FlawFinder.
Line: 143
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
__u8 pflag;
__u32 mlu;
char part_name[DIAG204_LPAR_NAME_LEN];
char lpc_name[8];
char os_name[8];
__u64 online_cs;
__u64 online_es;
__u8 upid;
__u8 reserved:3;
Reported by FlawFinder.
Line: 144
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
__u32 mlu;
char part_name[DIAG204_LPAR_NAME_LEN];
char lpc_name[8];
char os_name[8];
__u64 online_cs;
__u64 online_es;
__u8 upid;
__u8 reserved:3;
__u8 mtid:5;
Reported by FlawFinder.
Line: 150
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
__u8 upid;
__u8 reserved:3;
__u8 mtid:5;
char reserved1[2];
__u32 group_mlu;
char group_name[8];
char hardware_group_name[8];
char reserved2[24];
} __packed;
Reported by FlawFinder.
Line: 152
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
__u8 mtid:5;
char reserved1[2];
__u32 group_mlu;
char group_name[8];
char hardware_group_name[8];
char reserved2[24];
} __packed;
struct diag204_cpu_info {
Reported by FlawFinder.
Line: 153
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
char reserved1[2];
__u32 group_mlu;
char group_name[8];
char hardware_group_name[8];
char reserved2[24];
} __packed;
struct diag204_cpu_info {
__u16 cpu_addr;
Reported by FlawFinder.
Line: 154
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
__u32 group_mlu;
char group_name[8];
char hardware_group_name[8];
char reserved2[24];
} __packed;
struct diag204_cpu_info {
__u16 cpu_addr;
char reserved1[2];
Reported by FlawFinder.
drivers/staging/rtl8723bs/core/rtw_mlme.c
27 issues
Line: 316
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
{
__le16 val;
memcpy((u8 *)&val, rtw_get_capability_from_ie(bss->IEs), 2);
return le16_to_cpu(val);
}
u8 *rtw_get_beacon_interval_from_ie(u8 *ie)
Reported by FlawFinder.
Line: 392
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (rtw_bug_check(dst, src, &s_cap, &d_cap) == false)
return false;
memcpy((u8 *)&tmps, rtw_get_capability_from_ie(src->IEs), 2);
memcpy((u8 *)&tmpd, rtw_get_capability_from_ie(dst->IEs), 2);
s_cap = le16_to_cpu(tmps);
d_cap = le16_to_cpu(tmpd);
Reported by FlawFinder.
Line: 393
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return false;
memcpy((u8 *)&tmps, rtw_get_capability_from_ie(src->IEs), 2);
memcpy((u8 *)&tmpd, rtw_get_capability_from_ie(dst->IEs), 2);
s_cap = le16_to_cpu(tmps);
d_cap = le16_to_cpu(tmpd);
return (src->Ssid.SsidLength == dst->Ssid.SsidLength) &&
Reported by FlawFinder.
Line: 488
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (update_ie) {
dst->Reserved[0] = src->Reserved[0];
dst->Reserved[1] = src->Reserved[1];
memcpy((u8 *)dst, (u8 *)src, get_wlan_bssid_ex_sz(src));
}
dst->PhyInfo.SignalStrength = ss_final;
dst->PhyInfo.SignalQuality = sq_final;
dst->Rssi = rssi_final;
Reported by FlawFinder.
Line: 561
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (!pnetwork)
goto exit;
memcpy(&(pnetwork->network), target, get_wlan_bssid_ex_sz(target));
/* variable initialize */
pnetwork->fixed = false;
pnetwork->last_scanned = jiffies;
pnetwork->network_type = 0;
Reported by FlawFinder.
Line: 583
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
bssid_ex_sz = get_wlan_bssid_ex_sz(target);
target->Length = bssid_ex_sz;
memcpy(&(pnetwork->network), target, bssid_ex_sz);
pnetwork->last_scanned = jiffies;
/* bss info not receiving from the right channel */
if (pnetwork->network.PhyInfo.SignalQuality == 101)
Reported by FlawFinder.
Line: 717
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (!memcmp(&(pmlmepriv->cur_network.network.MacAddress), pnetwork->MacAddress, ETH_ALEN)) {
struct wlan_network *ibss_wlan = NULL;
memcpy(pmlmepriv->cur_network.network.IEs, pnetwork->IEs, 8);
spin_lock_bh(&(pmlmepriv->scanned_queue.lock));
ibss_wlan = rtw_find_network(&pmlmepriv->scanned_queue, pnetwork->MacAddress);
if (ibss_wlan) {
memcpy(ibss_wlan->network.IEs, pnetwork->IEs, 8);
spin_unlock_bh(&(pmlmepriv->scanned_queue.lock));
Reported by FlawFinder.
Line: 721
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
spin_lock_bh(&(pmlmepriv->scanned_queue.lock));
ibss_wlan = rtw_find_network(&pmlmepriv->scanned_queue, pnetwork->MacAddress);
if (ibss_wlan) {
memcpy(ibss_wlan->network.IEs, pnetwork->IEs, 8);
spin_unlock_bh(&(pmlmepriv->scanned_queue.lock));
goto exit;
}
spin_unlock_bh(&(pmlmepriv->scanned_queue.lock));
}
Reported by FlawFinder.
Line: 774
Column: 6
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* pmlmepriv->fw_state ^= _FW_UNDER_SURVEY;because don't set assoc_timer */
_clr_fwstate_(pmlmepriv, _FW_UNDER_SURVEY);
memcpy(&pdev_network->Ssid, &pmlmepriv->assoc_ssid, sizeof(struct ndis_802_11_ssid));
rtw_update_registrypriv_dev_network(adapter);
rtw_generate_random_ibss(pibss);
pmlmepriv->fw_state = WIFI_ADHOC_MASTER_STATE;
Reported by FlawFinder.
Line: 1040
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* update station supportRate */
psta->bssratelen = rtw_get_rateset_len(pnetwork->network.SupportedRates);
memcpy(psta->bssrateset, pnetwork->network.SupportedRates, psta->bssratelen);
rtw_hal_update_sta_rate_mask(padapter, psta);
psta->wireless_mode = pmlmeext->cur_wireless_mode;
psta->raid = networktype_to_raid_ex(padapter, psta);
Reported by FlawFinder.
drivers/infiniband/hw/hfi1/trace_ibhdrs.h
27 issues
Line: 213
&__entry->dlid,
&__entry->slid);
if (__entry->l4 == OPA_16B_L4_FM) {
__entry->opcode = IB_OPCODE_UD_SEND_ONLY;
__entry->dest_qpn = hfi1_16B_get_dest_qpn(packet->mgmt);
__entry->src_qpn = hfi1_16B_get_src_qpn(packet->mgmt);
} else {
hfi1_trace_parse_16b_bth(packet->ohdr,
Reported by Cppcheck.
Line: 213
&__entry->dlid,
&__entry->slid);
if (__entry->l4 == OPA_16B_L4_FM) {
__entry->opcode = IB_OPCODE_UD_SEND_ONLY;
__entry->dest_qpn = hfi1_16B_get_dest_qpn(packet->mgmt);
__entry->src_qpn = hfi1_16B_get_src_qpn(packet->mgmt);
} else {
hfi1_trace_parse_16b_bth(packet->ohdr,
Reported by Cppcheck.
Line: 213
&__entry->dlid,
&__entry->slid);
if (__entry->l4 == OPA_16B_L4_FM) {
__entry->opcode = IB_OPCODE_UD_SEND_ONLY;
__entry->dest_qpn = hfi1_16B_get_dest_qpn(packet->mgmt);
__entry->src_qpn = hfi1_16B_get_src_qpn(packet->mgmt);
} else {
hfi1_trace_parse_16b_bth(packet->ohdr,
Reported by Cppcheck.
Line: 213
&__entry->dlid,
&__entry->slid);
if (__entry->l4 == OPA_16B_L4_FM) {
__entry->opcode = IB_OPCODE_UD_SEND_ONLY;
__entry->dest_qpn = hfi1_16B_get_dest_qpn(packet->mgmt);
__entry->src_qpn = hfi1_16B_get_src_qpn(packet->mgmt);
} else {
hfi1_trace_parse_16b_bth(packet->ohdr,
Reported by Cppcheck.
Line: 213
&__entry->dlid,
&__entry->slid);
if (__entry->l4 == OPA_16B_L4_FM) {
__entry->opcode = IB_OPCODE_UD_SEND_ONLY;
__entry->dest_qpn = hfi1_16B_get_dest_qpn(packet->mgmt);
__entry->src_qpn = hfi1_16B_get_src_qpn(packet->mgmt);
} else {
hfi1_trace_parse_16b_bth(packet->ohdr,
Reported by Cppcheck.
Line: 213
&__entry->dlid,
&__entry->slid);
if (__entry->l4 == OPA_16B_L4_FM) {
__entry->opcode = IB_OPCODE_UD_SEND_ONLY;
__entry->dest_qpn = hfi1_16B_get_dest_qpn(packet->mgmt);
__entry->src_qpn = hfi1_16B_get_src_qpn(packet->mgmt);
} else {
hfi1_trace_parse_16b_bth(packet->ohdr,
Reported by Cppcheck.
Line: 213
&__entry->dlid,
&__entry->slid);
if (__entry->l4 == OPA_16B_L4_FM) {
__entry->opcode = IB_OPCODE_UD_SEND_ONLY;
__entry->dest_qpn = hfi1_16B_get_dest_qpn(packet->mgmt);
__entry->src_qpn = hfi1_16B_get_src_qpn(packet->mgmt);
} else {
hfi1_trace_parse_16b_bth(packet->ohdr,
Reported by Cppcheck.
Line: 213
&__entry->dlid,
&__entry->slid);
if (__entry->l4 == OPA_16B_L4_FM) {
__entry->opcode = IB_OPCODE_UD_SEND_ONLY;
__entry->dest_qpn = hfi1_16B_get_dest_qpn(packet->mgmt);
__entry->src_qpn = hfi1_16B_get_src_qpn(packet->mgmt);
} else {
hfi1_trace_parse_16b_bth(packet->ohdr,
Reported by Cppcheck.
Line: 213
&__entry->dlid,
&__entry->slid);
if (__entry->l4 == OPA_16B_L4_FM) {
__entry->opcode = IB_OPCODE_UD_SEND_ONLY;
__entry->dest_qpn = hfi1_16B_get_dest_qpn(packet->mgmt);
__entry->src_qpn = hfi1_16B_get_src_qpn(packet->mgmt);
} else {
hfi1_trace_parse_16b_bth(packet->ohdr,
Reported by Cppcheck.
Line: 213
&__entry->dlid,
&__entry->slid);
if (__entry->l4 == OPA_16B_L4_FM) {
__entry->opcode = IB_OPCODE_UD_SEND_ONLY;
__entry->dest_qpn = hfi1_16B_get_dest_qpn(packet->mgmt);
__entry->src_qpn = hfi1_16B_get_src_qpn(packet->mgmt);
} else {
hfi1_trace_parse_16b_bth(packet->ohdr,
Reported by Cppcheck.
tools/perf/pmu-events/jevents.c
27 issues
Line: 114
Column: 8
CWE codes:
134
Suggestion:
Use a constant for the format specification
va_start(args, fmt);
ret = vfprintf(stderr, fmt, args);
va_end(args);
return ret;
}
Reported by FlawFinder.
Line: 139
Column: 3
CWE codes:
120
Suggestion:
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused)
if (!olen)
*(*dst) = 0;
else
strcat(*dst, sep);
strcat(*dst, a);
if (bt)
strncat(*dst, map + bt->start, blen);
}
Reported by FlawFinder.
Line: 140
Column: 2
CWE codes:
120
Suggestion:
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused)
*(*dst) = 0;
else
strcat(*dst, sep);
strcat(*dst, a);
if (bt)
strncat(*dst, map + bt->start, blen);
}
static void fixname(char *s)
Reported by FlawFinder.
Line: 996
Column: 4
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
char path[PATH_MAX];
struct stat st;
sprintf(path, "%s/%s", fpath, dir->d_name);
if (stat(path, &st))
break;
if (S_ISDIR(st.st_mode)) {
res = 0;
Reported by FlawFinder.
Line: 1221
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
return 2;
}
sprintf(ldirname, "%s/%s", start_dirname, arch);
/* If architecture does not have any event lists, bail out */
if (stat(ldirname, &stbuf) < 0) {
pr_info("%s: Arch %s has no PMU event lists\n", prog, arch);
empty_map = 1;
Reported by FlawFinder.
Line: 1252
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
if (rc)
goto err_processing_dir;
sprintf(ldirname, "%s/test", start_dirname);
rc = nftw(ldirname, preprocess_arch_std_files, maxfds, 0);
if (rc)
goto err_processing_std_arch_event_dir;
Reported by FlawFinder.
Line: 528
Column: 12
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
for (i = 0; fixed[i].name; i++)
if (!strcasecmp(name, fixed[i].name))
return (char *)fixed[i].event;
return event;
}
static int
try_fixup(const char *fn, char *arch_std, struct json_event *je, char **event)
Reported by FlawFinder.
Line: 561
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
jsmntok_t *tokens, *tok;
int i, j, len;
char *map;
char buf[128];
if (!fn)
return -ENOENT;
tokens = parse_json(fn, &map, &size, &len);
Reported by FlawFinder.
Line: 864
Column: 10
CWE codes:
362
if (!line)
return -1;
mapfp = fopen(fpath, "r");
if (!mapfp) {
pr_info("%s: Error %s opening %s\n", prog, strerror(errno),
fpath);
free(line);
return -1;
Reported by FlawFinder.
Line: 944
Column: 10
CWE codes:
362
pr_info("%s: Creating empty pmu_events_map[] table\n", prog);
/* Truncate file to clear any partial writes to it */
outfp = fopen(output_file, "w");
if (!outfp) {
perror("fopen()");
_Exit(1);
}
Reported by FlawFinder.
drivers/net/ethernet/mellanox/mlxsw/core.c
27 issues
Line: 387
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
{
mlxsw_emad_reg_tlv_type_set(reg_tlv, MLXSW_EMAD_TLV_TYPE_REG);
mlxsw_emad_reg_tlv_len_set(reg_tlv, reg->len / sizeof(u32) + 1);
memcpy(reg_tlv + sizeof(u32), payload, reg->len);
}
static void mlxsw_emad_pack_string_tlv(char *string_tlv)
{
mlxsw_emad_string_tlv_type_set(string_tlv, MLXSW_EMAD_TLV_TYPE_STRING);
Reported by FlawFinder.
Line: 945
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct mlxsw_core_fw_info *mlxsw_core_fw_info =
container_of(mlxfw_dev, struct mlxsw_core_fw_info, mlxfw_dev);
struct mlxsw_core *mlxsw_core = mlxsw_core_fw_info->mlxsw_core;
char mcqi_pl[MLXSW_REG_MCQI_LEN];
int err;
mlxsw_reg_mcqi_pack(mcqi_pl, component_index);
err = mlxsw_reg_query(mlxsw_core, MLXSW_REG(mcqi), mcqi_pl);
if (err)
Reported by FlawFinder.
Line: 964
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct mlxsw_core_fw_info *mlxsw_core_fw_info =
container_of(mlxfw_dev, struct mlxsw_core_fw_info, mlxfw_dev);
struct mlxsw_core *mlxsw_core = mlxsw_core_fw_info->mlxsw_core;
char mcc_pl[MLXSW_REG_MCC_LEN];
u8 control_state;
int err;
mlxsw_reg_mcc_pack(mcc_pl, 0, 0, 0, 0);
err = mlxsw_reg_query(mlxsw_core, MLXSW_REG(mcc), mcc_pl);
Reported by FlawFinder.
Line: 987
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct mlxsw_core_fw_info *mlxsw_core_fw_info =
container_of(mlxfw_dev, struct mlxsw_core_fw_info, mlxfw_dev);
struct mlxsw_core *mlxsw_core = mlxsw_core_fw_info->mlxsw_core;
char mcc_pl[MLXSW_REG_MCC_LEN];
mlxsw_reg_mcc_pack(mcc_pl, MLXSW_REG_MCC_INSTRUCTION_UPDATE_COMPONENT,
component_index, fwhandle, component_size);
return mlxsw_reg_write(mlxsw_core, MLXSW_REG(mcc), mcc_pl);
}
Reported by FlawFinder.
Line: 1000
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct mlxsw_core_fw_info *mlxsw_core_fw_info =
container_of(mlxfw_dev, struct mlxsw_core_fw_info, mlxfw_dev);
struct mlxsw_core *mlxsw_core = mlxsw_core_fw_info->mlxsw_core;
char mcda_pl[MLXSW_REG_MCDA_LEN];
mlxsw_reg_mcda_pack(mcda_pl, fwhandle, offset, size, data);
return mlxsw_reg_write(mlxsw_core, MLXSW_REG(mcda), mcda_pl);
}
Reported by FlawFinder.
Line: 1012
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct mlxsw_core_fw_info *mlxsw_core_fw_info =
container_of(mlxfw_dev, struct mlxsw_core_fw_info, mlxfw_dev);
struct mlxsw_core *mlxsw_core = mlxsw_core_fw_info->mlxsw_core;
char mcc_pl[MLXSW_REG_MCC_LEN];
mlxsw_reg_mcc_pack(mcc_pl, MLXSW_REG_MCC_INSTRUCTION_VERIFY_COMPONENT,
component_index, fwhandle, 0);
return mlxsw_reg_write(mlxsw_core, MLXSW_REG(mcc), mcc_pl);
}
Reported by FlawFinder.
Line: 1024
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct mlxsw_core_fw_info *mlxsw_core_fw_info =
container_of(mlxfw_dev, struct mlxsw_core_fw_info, mlxfw_dev);
struct mlxsw_core *mlxsw_core = mlxsw_core_fw_info->mlxsw_core;
char mcc_pl[MLXSW_REG_MCC_LEN];
mlxsw_reg_mcc_pack(mcc_pl, MLXSW_REG_MCC_INSTRUCTION_ACTIVATE, 0, fwhandle, 0);
return mlxsw_reg_write(mlxsw_core, MLXSW_REG(mcc), mcc_pl);
}
Reported by FlawFinder.
Line: 1037
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct mlxsw_core_fw_info *mlxsw_core_fw_info =
container_of(mlxfw_dev, struct mlxsw_core_fw_info, mlxfw_dev);
struct mlxsw_core *mlxsw_core = mlxsw_core_fw_info->mlxsw_core;
char mcc_pl[MLXSW_REG_MCC_LEN];
u8 control_state;
u8 error_code;
int err;
mlxsw_reg_mcc_pack(mcc_pl, 0, 0, fwhandle, 0);
Reported by FlawFinder.
Line: 1058
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct mlxsw_core_fw_info *mlxsw_core_fw_info =
container_of(mlxfw_dev, struct mlxsw_core_fw_info, mlxfw_dev);
struct mlxsw_core *mlxsw_core = mlxsw_core_fw_info->mlxsw_core;
char mcc_pl[MLXSW_REG_MCC_LEN];
mlxsw_reg_mcc_pack(mcc_pl, MLXSW_REG_MCC_INSTRUCTION_CANCEL, 0, fwhandle, 0);
mlxsw_reg_write(mlxsw_core, MLXSW_REG(mcc), mcc_pl);
}
Reported by FlawFinder.
Line: 1069
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct mlxsw_core_fw_info *mlxsw_core_fw_info =
container_of(mlxfw_dev, struct mlxsw_core_fw_info, mlxfw_dev);
struct mlxsw_core *mlxsw_core = mlxsw_core_fw_info->mlxsw_core;
char mcc_pl[MLXSW_REG_MCC_LEN];
mlxsw_reg_mcc_pack(mcc_pl, MLXSW_REG_MCC_INSTRUCTION_RELEASE_UPDATE_HANDLE, 0, fwhandle, 0);
mlxsw_reg_write(mlxsw_core, MLXSW_REG(mcc), mcc_pl);
}
Reported by FlawFinder.
drivers/md/dm-crypt.c
27 issues
Line: 458
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* LMK seed is on the position of LMK_KEYS + 1 key */
if (lmk->seed)
memcpy(lmk->seed, cc->key + (cc->tfms_count * subkey_size),
crypto_shash_digestsize(lmk->hash_tfm));
return 0;
}
Reported by FlawFinder.
Line: 517
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
for (i = 0; i < MD5_HASH_WORDS; i++)
__cpu_to_le32s(&md5state.hash[i]);
memcpy(iv, &md5state.hash, cc->iv_size);
return 0;
}
static int crypt_iv_lmk_gen(struct crypt_config *cc, u8 *iv,
Reported by FlawFinder.
Line: 614
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
struct iv_tcw_private *tcw = &cc->iv_gen_private.tcw;
int key_offset = cc->key_size - cc->iv_size - TCW_WHITENING_SIZE;
memcpy(tcw->iv_seed, &cc->key[key_offset], cc->iv_size);
memcpy(tcw->whitening, &cc->key[key_offset + cc->iv_size],
TCW_WHITENING_SIZE);
return 0;
}
Reported by FlawFinder.
Line: 615
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
int key_offset = cc->key_size - cc->iv_size - TCW_WHITENING_SIZE;
memcpy(tcw->iv_seed, &cc->key[key_offset], cc->iv_size);
memcpy(tcw->whitening, &cc->key[key_offset + cc->iv_size],
TCW_WHITENING_SIZE);
return 0;
}
Reported by FlawFinder.
Line: 981
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (bio_data_dir(dmreq->ctx->bio_in) == WRITE) {
sg2 = crypt_get_sg_data(cc, dmreq->sg_in);
data2 = kmap_atomic(sg_page(sg2));
memcpy(data_offset, data2 + sg2->offset, cc->sector_size);
kunmap_atomic(data2);
}
if (bio_data_dir(dmreq->ctx->bio_in) != WRITE) {
diffuser_disk_to_cpu((u32*)data_offset, cc->sector_size / sizeof(u32));
Reported by FlawFinder.
Line: 1336
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (cc->iv_gen_ops) {
/* For READs use IV stored in integrity metadata */
if (cc->integrity_iv_size && bio_data_dir(ctx->bio_in) != WRITE) {
memcpy(org_iv, tag_iv, cc->iv_size);
} else {
r = cc->iv_gen_ops->generator(cc, org_iv, dmreq);
if (r < 0)
return r;
/* Store generated IV in integrity metadata */
Reported by FlawFinder.
Line: 1343
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return r;
/* Store generated IV in integrity metadata */
if (cc->integrity_iv_size)
memcpy(tag_iv, org_iv, cc->iv_size);
}
/* Working copy of IV, to be modified in crypto API */
memcpy(iv, org_iv, cc->iv_size);
}
Reported by FlawFinder.
Line: 1346
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
memcpy(tag_iv, org_iv, cc->iv_size);
}
/* Working copy of IV, to be modified in crypto API */
memcpy(iv, org_iv, cc->iv_size);
}
aead_request_set_ad(req, sizeof(uint64_t) + cc->iv_size);
if (bio_data_dir(ctx->bio_in) == WRITE) {
aead_request_set_crypt(req, dmreq->sg_in, dmreq->sg_out,
Reported by FlawFinder.
Line: 1364
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
if (r == -EBADMSG) {
char b[BDEVNAME_SIZE];
DMERR_LIMIT("%s: INTEGRITY AEAD ERROR, sector %llu", bio_devname(ctx->bio_in, b),
(unsigned long long)le64_to_cpu(*sector));
}
if (!r && cc->iv_gen_ops && cc->iv_gen_ops->post)
Reported by FlawFinder.
Line: 1423
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (cc->iv_gen_ops) {
/* For READs use IV stored in integrity metadata */
if (cc->integrity_iv_size && bio_data_dir(ctx->bio_in) != WRITE) {
memcpy(org_iv, tag_iv, cc->integrity_iv_size);
} else {
r = cc->iv_gen_ops->generator(cc, org_iv, dmreq);
if (r < 0)
return r;
/* Data can be already preprocessed in generator */
Reported by FlawFinder.
drivers/net/wireless/ath/ath9k/debug.c
27 issues
Line: 91
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
struct ath_softc *sc = file->private_data;
struct ath_common *common = ath9k_hw_common(sc->sc_ah);
char buf[32];
unsigned int len;
len = sprintf(buf, "0x%08x\n", common->debug_mask);
return simple_read_from_buffer(user_buf, count, ppos, buf, len);
}
Reported by FlawFinder.
Line: 94
Column: 8
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
char buf[32];
unsigned int len;
len = sprintf(buf, "0x%08x\n", common->debug_mask);
return simple_read_from_buffer(user_buf, count, ppos, buf, len);
}
static ssize_t write_file_debug(struct file *file, const char __user *user_buf,
size_t count, loff_t *ppos)
Reported by FlawFinder.
Line: 104
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct ath_softc *sc = file->private_data;
struct ath_common *common = ath9k_hw_common(sc->sc_ah);
unsigned long mask;
char buf[32];
ssize_t len;
len = min(count, sizeof(buf) - 1);
if (copy_from_user(buf, user_buf, len))
return -EFAULT;
Reported by FlawFinder.
Line: 194
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct ath_softc *sc = file->private_data;
struct ath_common *common = ath9k_hw_common(sc->sc_ah);
unsigned long ani;
char buf[32];
ssize_t len;
len = min(count, sizeof(buf) - 1);
if (copy_from_user(buf, user_buf, len))
return -EFAULT;
Reported by FlawFinder.
Line: 236
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
struct ath_softc *sc = file->private_data;
struct ath_common *common = ath9k_hw_common(sc->sc_ah);
char buf[32];
unsigned int len;
len = sprintf(buf, "%d\n", common->bt_ant_diversity);
return simple_read_from_buffer(user_buf, count, ppos, buf, len);
}
Reported by FlawFinder.
Line: 239
Column: 8
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
char buf[32];
unsigned int len;
len = sprintf(buf, "%d\n", common->bt_ant_diversity);
return simple_read_from_buffer(user_buf, count, ppos, buf, len);
}
static ssize_t write_file_bt_ant_diversity(struct file *file,
const char __user *user_buf,
Reported by FlawFinder.
Line: 251
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct ath_common *common = ath9k_hw_common(sc->sc_ah);
struct ath9k_hw_capabilities *pCap = &sc->sc_ah->caps;
unsigned long bt_ant_diversity;
char buf[32];
ssize_t len;
len = min(count, sizeof(buf) - 1);
if (copy_from_user(buf, user_buf, len))
return -EFAULT;
Reported by FlawFinder.
Line: 313
Column: 15
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
const unsigned int size = 1024;
ssize_t retval = 0;
char *buf;
static const char *lna_conf_str[4] = {
"LNA1_MINUS_LNA2", "LNA2", "LNA1", "LNA1_PLUS_LNA2"
};
buf = kzalloc(size, GFP_KERNEL);
if (buf == NULL)
Reported by FlawFinder.
Line: 642
Column: 15
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct ath_softc *sc = hw->priv;
struct ath_txq *txq;
int i;
static const char *qname[4] = {
"VO", "VI", "BE", "BK"
};
for (i = 0; i < IEEE80211_NUM_ACS; i++) {
txq = sc->tx.txq_map[i];
Reported by FlawFinder.
Line: 754
Column: 15
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
struct ieee80211_hw *hw = dev_get_drvdata(file->private);
struct ath_softc *sc = hw->priv;
static const char * const reset_cause[__RESET_TYPE_MAX] = {
[RESET_TYPE_BB_HANG] = "Baseband Hang",
[RESET_TYPE_BB_WATCHDOG] = "Baseband Watchdog",
[RESET_TYPE_FATAL_INT] = "Fatal HW Error",
[RESET_TYPE_TX_ERROR] = "TX HW error",
[RESET_TYPE_TX_GTT] = "Transmit timeout",
Reported by FlawFinder.