The following issues were found
sound/pci/au88x0/au88x0_pcm.c
4 issues
Line: 118
Column: 15
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
struct snd_kcontrol *kctl, int activate)
{
if (activate)
kctl->vd[0].access &= ~SNDRV_CTL_ELEM_ACCESS_INACTIVE;
else
kctl->vd[0].access |= SNDRV_CTL_ELEM_ACCESS_INACTIVE;
snd_ctl_notify(card, SNDRV_CTL_EVENT_MASK_VALUE |
SNDRV_CTL_EVENT_MASK_INFO, &(kctl->id));
}
Reported by FlawFinder.
Line: 120
Column: 15
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
if (activate)
kctl->vd[0].access &= ~SNDRV_CTL_ELEM_ACCESS_INACTIVE;
else
kctl->vd[0].access |= SNDRV_CTL_ELEM_ACCESS_INACTIVE;
snd_ctl_notify(card, SNDRV_CTL_EVENT_MASK_VALUE |
SNDRV_CTL_EVENT_MASK_INFO, &(kctl->id));
}
/* open callback */
Reported by FlawFinder.
Line: 436
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
* definitions of capture are omitted here...
*/
static const char * const vortex_pcm_prettyname[VORTEX_PCM_LAST] = {
CARD_NAME " ADB",
CARD_NAME " SPDIF",
CARD_NAME " A3D",
CARD_NAME " WT",
CARD_NAME " I2S",
Reported by FlawFinder.
Line: 443
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
CARD_NAME " WT",
CARD_NAME " I2S",
};
static const char * const vortex_pcm_name[VORTEX_PCM_LAST] = {
"adb",
"spdif",
"a3d",
"wt",
"i2s",
Reported by FlawFinder.
sound/soc/intel/boards/skl_nau88l25_ssm4567.c
4 issues
Line: 440
Column: 21
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
SND_SOC_DAILINK_DEF(dummy,
DAILINK_COMP_ARRAY(COMP_DUMMY()));
SND_SOC_DAILINK_DEF(system,
DAILINK_COMP_ARRAY(COMP_CPU("System Pin")));
SND_SOC_DAILINK_DEF(reference,
DAILINK_COMP_ARRAY(COMP_CPU("Reference Pin")));
Reported by FlawFinder.
Line: 506
Column: 23
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
SND_SOC_DPCM_TRIGGER_POST, SND_SOC_DPCM_TRIGGER_POST},
.dpcm_playback = 1,
.ops = &skylake_nau8825_fe_ops,
SND_SOC_DAILINK_REG(system, dummy, platform),
},
[SKL_DPCM_AUDIO_CP] = {
.name = "Skl Audio Capture Port",
.stream_name = "Audio Record",
.dynamic = 1,
Reported by FlawFinder.
Line: 517
Column: 23
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
SND_SOC_DPCM_TRIGGER_POST, SND_SOC_DPCM_TRIGGER_POST},
.dpcm_capture = 1,
.ops = &skylake_nau8825_fe_ops,
SND_SOC_DAILINK_REG(system, dummy, platform),
},
[SKL_DPCM_AUDIO_REF_CP] = {
.name = "Skl Audio Reference cap",
.stream_name = "Wake on Voice",
.init = NULL,
Reported by FlawFinder.
Line: 646
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct skl_hdmi_pcm *pcm;
struct snd_soc_component *component = NULL;
int err, i = 0;
char jack_name[NAME_SIZE];
list_for_each_entry(pcm, &ctx->hdmi_pcm_list, head) {
component = pcm->codec_dai->component;
snprintf(jack_name, sizeof(jack_name),
"HDMI/DP, pcm=%d Jack", pcm->device);
Reported by FlawFinder.
scripts/dtc/livetree.c
4 issues
Line: 238
Column: 32
CWE codes:
126
if (ref[0] == '/') {
d = data_add_marker(d, TYPE_STRING, ref);
d = data_append_data(d, ref, strlen(ref) + 1);
p = build_property("target-path", d, NULL);
} else {
d = data_add_marker(d, REF_PHANDLE, ref);
d = data_append_integer(d, 0xffffffff, 32);
Reported by FlawFinder.
Line: 543
Column: 19
CWE codes:
126
struct node *child, *node;
struct label *l;
assert(label && (strlen(label) > 0));
for_each_label(tree->labels, l)
if (streq(l->label, label))
return tree;
Reported by FlawFinder.
Line: 850
Column: 7
CWE codes:
126
/* insert it */
p = build_property(l->label,
data_copy_escape_string(node->fullpath,
strlen(node->fullpath)),
NULL);
add_property(an, p);
}
/* force allocation of a phandle for this node */
Reported by FlawFinder.
Line: 901
Column: 40
CWE codes:
126
xasprintf(&entry, "%s:%s:%u",
node->fullpath, prop->name, m->offset);
append_to_property(fn, m->ref, entry, strlen(entry) + 1, TYPE_STRING);
free(entry);
}
static void generate_fixups_tree_internal(struct dt_info *dti,
Reported by FlawFinder.
sound/soc/intel/boards/skl_nau88l25_max98357a.c
4 issues
Line: 402
Column: 21
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
SND_SOC_DAILINK_DEF(dummy,
DAILINK_COMP_ARRAY(COMP_DUMMY()));
SND_SOC_DAILINK_DEF(system,
DAILINK_COMP_ARRAY(COMP_CPU("System Pin")));
SND_SOC_DAILINK_DEF(reference,
DAILINK_COMP_ARRAY(COMP_CPU("Reference Pin")));
Reported by FlawFinder.
Line: 467
Column: 23
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
SND_SOC_DPCM_TRIGGER_POST, SND_SOC_DPCM_TRIGGER_POST},
.dpcm_playback = 1,
.ops = &skylake_nau8825_fe_ops,
SND_SOC_DAILINK_REG(system, dummy, platform),
},
[SKL_DPCM_AUDIO_CP] = {
.name = "Skl Audio Capture Port",
.stream_name = "Audio Record",
.dynamic = 1,
Reported by FlawFinder.
Line: 478
Column: 23
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
SND_SOC_DPCM_TRIGGER_POST, SND_SOC_DPCM_TRIGGER_POST},
.dpcm_capture = 1,
.ops = &skylake_nau8825_fe_ops,
SND_SOC_DAILINK_REG(system, dummy, platform),
},
[SKL_DPCM_AUDIO_REF_CP] = {
.name = "Skl Audio Reference cap",
.stream_name = "Wake on Voice",
.init = NULL,
Reported by FlawFinder.
Line: 605
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct skl_hdmi_pcm *pcm;
struct snd_soc_component *component = NULL;
int err, i = 0;
char jack_name[NAME_SIZE];
list_for_each_entry(pcm, &ctx->hdmi_pcm_list, head) {
component = pcm->codec_dai->component;
snprintf(jack_name, sizeof(jack_name),
"HDMI/DP, pcm=%d Jack", pcm->device);
Reported by FlawFinder.
sound/soc/intel/boards/kbl_rt5663_rt5514_max98927.c
4 issues
Line: 505
Column: 21
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
SND_SOC_DAILINK_DEF(dummy,
DAILINK_COMP_ARRAY(COMP_DUMMY()));
SND_SOC_DAILINK_DEF(system,
DAILINK_COMP_ARRAY(COMP_CPU("System Pin")));
SND_SOC_DAILINK_DEF(system2,
DAILINK_COMP_ARRAY(COMP_CPU("System Pin2")));
Reported by FlawFinder.
Line: 567
Column: 23
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
SND_SOC_DPCM_TRIGGER_POST, SND_SOC_DPCM_TRIGGER_POST},
.dpcm_playback = 1,
.ops = &kabylake_rt5663_fe_ops,
SND_SOC_DAILINK_REG(system, dummy, platform),
},
[KBL_DPCM_AUDIO_CP] = {
.name = "Kbl Audio Capture Port",
.stream_name = "Audio Record",
.dynamic = 1,
Reported by FlawFinder.
Line: 578
Column: 23
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
SND_SOC_DPCM_TRIGGER_POST, SND_SOC_DPCM_TRIGGER_POST},
.dpcm_capture = 1,
.ops = &kabylake_rt5663_fe_ops,
SND_SOC_DAILINK_REG(system, dummy, platform),
},
[KBL_DPCM_AUDIO_HS_PB] = {
.name = "Kbl Audio Headset Playback",
.stream_name = "Headset Audio",
.dpcm_playback = 1,
Reported by FlawFinder.
Line: 739
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct kbl_hdmi_pcm *pcm;
struct snd_soc_component *component = NULL;
int err, i = 0;
char jack_name[NAME_SIZE];
list_for_each_entry(pcm, &ctx->hdmi_pcm_list, head) {
component = pcm->codec_dai->component;
snprintf(jack_name, sizeof(jack_name),
"HDMI/DP,pcm=%d Jack", pcm->device);
Reported by FlawFinder.
sound/soc/intel/boards/kbl_rt5660.c
4 issues
Line: 335
Column: 21
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
SND_SOC_DAILINK_DEF(dummy,
DAILINK_COMP_ARRAY(COMP_DUMMY()));
SND_SOC_DAILINK_DEF(system,
DAILINK_COMP_ARRAY(COMP_CPU("System Pin")));
SND_SOC_DAILINK_DEF(hdmi1,
DAILINK_COMP_ARRAY(COMP_CPU("HDMI1 Pin")));
Reported by FlawFinder.
Line: 382
Column: 23
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
SND_SOC_DPCM_TRIGGER_POST, SND_SOC_DPCM_TRIGGER_POST},
.dpcm_playback = 1,
.ops = &kabylake_rt5660_fe_ops,
SND_SOC_DAILINK_REG(system, dummy, platform),
},
[KBL_DPCM_AUDIO_CP] = {
.name = "Kbl Audio Capture Port",
.stream_name = "Audio Record",
.dynamic = 1,
Reported by FlawFinder.
Line: 393
Column: 23
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
SND_SOC_DPCM_TRIGGER_POST, SND_SOC_DPCM_TRIGGER_POST},
.dpcm_capture = 1,
.ops = &kabylake_rt5660_fe_ops,
SND_SOC_DAILINK_REG(system, dummy, platform),
},
[KBL_DPCM_AUDIO_HDMI1_PB] = {
.name = "Kbl HDMI Port1",
.stream_name = "Hdmi1",
.dpcm_playback = 1,
Reported by FlawFinder.
Line: 481
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct kbl_hdmi_pcm *pcm;
struct snd_soc_component *component = NULL;
int err, i = 0;
char jack_name[NAME_SIZE];
list_for_each_entry(pcm, &ctx->hdmi_pcm_list, head) {
component = pcm->codec_dai->component;
snprintf(jack_name, sizeof(jack_name),
"HDMI/DP, pcm=%d Jack", pcm->device);
Reported by FlawFinder.
samples/vfs/test-statx.c
4 issues
Line: 52
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
struct tm tm;
time_t tim;
char buffer[100];
int len;
tim = ts->tv_sec;
if (!localtime_r(&tim, &tm)) {
perror("localtime_r");
Reported by FlawFinder.
Line: 79
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static void dump_statx(struct statx *stx)
{
char buffer[256], ft = '?';
printf("results=%x\n", stx->stx_mask);
printf(" ");
if (stx->stx_mask & STATX_SIZE)
Reported by FlawFinder.
Line: 106
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
printf(" no type\n");
}
sprintf(buffer, "%02x:%02x", stx->stx_dev_major, stx->stx_dev_minor);
printf("Device: %-15s", buffer);
if (stx->stx_mask & STATX_INO)
printf(" Inode: %-11llu", (unsigned long long) stx->stx_ino);
if (stx->stx_mask & STATX_NLINK)
printf(" Links: %-5u", stx->stx_nlink);
Reported by FlawFinder.
Line: 154
Column: 10
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned char bits, mbits;
int loop, byte;
static char attr_representation[64 + 1] =
/* STATX_ATTR_ flags: */
"????????" /* 63-56 */
"????????" /* 55-48 */
"????????" /* 47-40 */
"????????" /* 39-32 */
Reported by FlawFinder.
sound/soc/intel/boards/kbl_da7219_max98357a.c
4 issues
Line: 379
Column: 21
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
SND_SOC_DAILINK_DEF(dummy,
DAILINK_COMP_ARRAY(COMP_DUMMY()));
SND_SOC_DAILINK_DEF(system,
DAILINK_COMP_ARRAY(COMP_CPU("System Pin")));
SND_SOC_DAILINK_DEF(reference,
DAILINK_COMP_ARRAY(COMP_CPU("Reference Pin")));
Reported by FlawFinder.
Line: 446
Column: 23
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
SND_SOC_DPCM_TRIGGER_POST, SND_SOC_DPCM_TRIGGER_POST},
.dpcm_playback = 1,
.ops = &kabylake_da7219_fe_ops,
SND_SOC_DAILINK_REG(system, dummy, platform),
},
[KBL_DPCM_AUDIO_CP] = {
.name = "Kbl Audio Capture Port",
.stream_name = "Audio Record",
.dynamic = 1,
Reported by FlawFinder.
Line: 457
Column: 23
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
SND_SOC_DPCM_TRIGGER_POST, SND_SOC_DPCM_TRIGGER_POST},
.dpcm_capture = 1,
.ops = &kabylake_da7219_fe_ops,
SND_SOC_DAILINK_REG(system, dummy, platform),
},
[KBL_DPCM_AUDIO_REF_CP] = {
.name = "Kbl Audio Reference cap",
.stream_name = "Wake on Voice",
.init = NULL,
Reported by FlawFinder.
Line: 583
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct kbl_hdmi_pcm *pcm;
struct snd_soc_component *component = NULL;
int err, i = 0;
char jack_name[NAME_SIZE];
list_for_each_entry(pcm, &ctx->hdmi_pcm_list, head) {
component = pcm->codec_dai->component;
snprintf(jack_name, sizeof(jack_name),
"HDMI/DP, pcm=%d Jack", pcm->device);
Reported by FlawFinder.
sound/soc/intel/boards/glk_rt5682_max98357a.c
4 issues
Line: 315
Column: 21
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
SND_SOC_DAILINK_DEF(dummy,
DAILINK_COMP_ARRAY(COMP_DUMMY()));
SND_SOC_DAILINK_DEF(system,
DAILINK_COMP_ARRAY(COMP_CPU("System Pin")));
SND_SOC_DAILINK_DEF(system2,
DAILINK_COMP_ARRAY(COMP_CPU("System Pin2")));
Reported by FlawFinder.
Line: 386
Column: 23
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
.trigger = {
SND_SOC_DPCM_TRIGGER_POST, SND_SOC_DPCM_TRIGGER_POST},
.dpcm_playback = 1,
SND_SOC_DAILINK_REG(system, dummy, platform),
},
[GLK_DPCM_AUDIO_CP] = {
.name = "Glk Audio Capture Port",
.stream_name = "Audio Record",
.dynamic = 1,
Reported by FlawFinder.
Line: 396
Column: 23
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
.trigger = {
SND_SOC_DPCM_TRIGGER_POST, SND_SOC_DPCM_TRIGGER_POST},
.dpcm_capture = 1,
SND_SOC_DAILINK_REG(system, dummy, platform),
},
[GLK_DPCM_AUDIO_HS_PB] = {
.name = "Glk Audio Headset Playback",
.stream_name = "Headset Audio",
.dpcm_playback = 1,
Reported by FlawFinder.
Line: 536
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
struct glk_card_private *ctx = snd_soc_card_get_drvdata(card);
struct snd_soc_component *component = NULL;
char jack_name[NAME_SIZE];
struct glk_hdmi_pcm *pcm;
int err;
int i = 0;
if (list_empty(&ctx->hdmi_pcm_list))
Reported by FlawFinder.
sound/atmel/ac97c.c
4 issues
Line: 593
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
pcm->private_data = chip;
pcm->info_flags = 0;
strcpy(pcm->name, chip->card->shortname);
chip->pcm = pcm;
return 0;
}
Reported by FlawFinder.
Line: 752
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
spin_lock_init(&chip->lock);
strcpy(card->driver, "Atmel AC97C");
strcpy(card->shortname, "Atmel AC97C");
sprintf(card->longname, "Atmel AC97 controller");
chip->card = card;
chip->pclk = pclk;
Reported by FlawFinder.
Line: 753
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
spin_lock_init(&chip->lock);
strcpy(card->driver, "Atmel AC97C");
strcpy(card->shortname, "Atmel AC97C");
sprintf(card->longname, "Atmel AC97 controller");
chip->card = card;
chip->pclk = pclk;
chip->pdev = pdev;
Reported by FlawFinder.
Line: 754
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
strcpy(card->driver, "Atmel AC97C");
strcpy(card->shortname, "Atmel AC97C");
sprintf(card->longname, "Atmel AC97 controller");
chip->card = card;
chip->pclk = pclk;
chip->pdev = pdev;
chip->regs = ioremap(regs->start, resource_size(regs));
Reported by FlawFinder.