The following issues were found
sound/firewire/fireface/ff.c
3 issues
Line: 31
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
name = names[ff->unit_version];
strcpy(ff->card->driver, "Fireface");
strcpy(ff->card->shortname, name);
strcpy(ff->card->mixername, name);
snprintf(ff->card->longname, sizeof(ff->card->longname),
"RME %s, GUID %08x%08x at %s, S%d", name,
fw_dev->config_rom[3], fw_dev->config_rom[4],
dev_name(&ff->unit->device), 100 << fw_dev->max_speed);
Reported by FlawFinder.
Line: 32
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
strcpy(ff->card->driver, "Fireface");
strcpy(ff->card->shortname, name);
strcpy(ff->card->mixername, name);
snprintf(ff->card->longname, sizeof(ff->card->longname),
"RME %s, GUID %08x%08x at %s, S%d", name,
fw_dev->config_rom[3], fw_dev->config_rom[4],
dev_name(&ff->unit->device), 100 << fw_dev->max_speed);
}
Reported by FlawFinder.
Line: 30
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
name = names[ff->unit_version];
strcpy(ff->card->driver, "Fireface");
strcpy(ff->card->shortname, name);
strcpy(ff->card->mixername, name);
snprintf(ff->card->longname, sizeof(ff->card->longname),
"RME %s, GUID %08x%08x at %s, S%d", name,
fw_dev->config_rom[3], fw_dev->config_rom[4],
Reported by FlawFinder.
scripts/kconfig/tests/err_recursive_dep/__init__.py
3 issues
Line: 8
Column: 1
Recursive dependency should be treated as an error.
"""
def test(conf):
assert conf.oldaskconfig() == 1
assert conf.stderr_contains('expected_stderr')
Reported by Pylint.
Line: 9
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
"""
def test(conf):
assert conf.oldaskconfig() == 1
assert conf.stderr_contains('expected_stderr')
Reported by Bandit.
Line: 10
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test(conf):
assert conf.oldaskconfig() == 1
assert conf.stderr_contains('expected_stderr')
Reported by Bandit.
security/commoncap.c
3 issues
Line: 440
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
magic = le32_to_cpu(cap->magic_etc);
if (magic & VFS_CAP_FLAGS_EFFECTIVE)
nsmagic |= VFS_CAP_FLAGS_EFFECTIVE;
memcpy(&nscap->data, &cap->data, sizeof(__le32) * 2 * VFS_CAP_U32);
nscap->magic_etc = cpu_to_le32(nsmagic);
} else {
/* use allocated v3 buffer */
tmpbuf = NULL;
}
Reported by FlawFinder.
Line: 471
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
nsmagic = le32_to_cpu(nscap->magic_etc);
if (nsmagic & VFS_CAP_FLAGS_EFFECTIVE)
magic |= VFS_CAP_FLAGS_EFFECTIVE;
memcpy(&cap->data, &nscap->data, sizeof(__le32) * 2 * VFS_CAP_U32);
cap->magic_etc = cpu_to_le32(magic);
} else {
/* use unconverted v2 */
tmpbuf = NULL;
}
Reported by FlawFinder.
Line: 579
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (magic & VFS_CAP_FLAGS_EFFECTIVE)
nsmagic |= VFS_CAP_FLAGS_EFFECTIVE;
nscap->magic_etc = cpu_to_le32(nsmagic);
memcpy(&nscap->data, &cap->data, sizeof(__le32) * 2 * VFS_CAP_U32);
*ivalue = nscap;
return newsize;
}
Reported by FlawFinder.
security/keys/big_key.c
3 issues
Line: 133
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return -ENOMEM;
prep->payload.data[big_key_data] = data;
memcpy(data, prep->data, prep->datalen);
}
return 0;
err_fput:
fput(file);
Reported by FlawFinder.
Line: 269
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
ret = datalen;
/* copy out decrypted data */
memcpy(buffer, buf, datalen);
err_fput:
fput(file);
error:
kvfree_sensitive(buf, enclen);
Reported by FlawFinder.
Line: 277
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
kvfree_sensitive(buf, enclen);
} else {
ret = datalen;
memcpy(buffer, key->payload.data[big_key_data], datalen);
}
return ret;
}
Reported by FlawFinder.
sound/soc/intel/atom/sst/sst_stream.c
3 issues
Line: 53
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
str_params->aparams.ring_buf_info[0].size;
str_info->alloc_param.frag_size = str_params->aparams.frag_size;
memcpy(&str_info->alloc_param.codec_params, &str_params->sparams,
sizeof(struct snd_sst_stream_params));
/*
* fill channel map params for multichannel support.
* Ideally channel map should be received from upper layers
Reported by FlawFinder.
Line: 193
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
length = bytes->len;
msg->mrfld_header.p.header_low_payload = length;
dev_dbg(sst_drv_ctx->dev, "length is %d\n", length);
memcpy(msg->mailbox_data, &bytes->bytes, bytes->len);
if (bytes->block) {
block = sst_create_block(sst_drv_ctx, bytes->ipc_msg, pvt_id);
if (block == NULL) {
kfree(msg);
ret = -ENOMEM;
Reported by FlawFinder.
Line: 225
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
dev_dbg(sst_drv_ctx->dev, "read back %d bytes",
bytes->len);
memcpy(bytes->bytes, r, bytes->len);
}
}
if (bytes->block)
sst_free_block(sst_drv_ctx, block);
out:
Reported by FlawFinder.
net/sunrpc/svcsock.c
3 issues
Line: 929
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (!req)
goto unlock_notfound;
memcpy(&req->rq_private_buf, &req->rq_rcv_buf, sizeof(struct xdr_buf));
/*
* XXX!: cheating for now! Only copying HEAD.
* But we know this is good enough for now (in fact, for any
* callback reply in the forseeable future).
*/
Reported by FlawFinder.
Line: 939
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
src = &rqstp->rq_arg.head[0];
if (dst->iov_len < src->iov_len)
goto unlock_eagain; /* whatever; just giving up. */
memcpy(dst->iov_base, src->iov_base, src->iov_len);
xprt_complete_rqst(req->rq_task, rqstp->rq_arg.len);
rqstp->rq_arg.len = 0;
spin_unlock(&bc_xprt->queue_lock);
return 0;
unlock_notfound:
Reported by FlawFinder.
Line: 1251
Column: 3
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
set_bit(XPT_CACHE_AUTH, &svsk->sk_xprt.xpt_flags);
set_bit(XPT_CONG_CTRL, &svsk->sk_xprt.xpt_flags);
if (sk->sk_state == TCP_LISTEN) {
strcpy(svsk->sk_xprt.xpt_remotebuf, "listener");
set_bit(XPT_LISTENER, &svsk->sk_xprt.xpt_flags);
sk->sk_data_ready = svc_tcp_listen_data_ready;
set_bit(XPT_CONN, &svsk->sk_xprt.xpt_flags);
} else {
sk->sk_state_change = svc_tcp_state_change;
Reported by FlawFinder.
sound/pci/lola/lola.c
3 issues
Line: 675
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
snprintf(card->longname, sizeof(card->longname),
"%s at 0x%lx irq %i",
card->shortname, chip->bar[0].addr, chip->irq);
strcpy(card->mixername, card->shortname);
lola_irq_enable(chip);
chip->initialized = 1;
*rchip = chip;
Reported by FlawFinder.
Line: 24
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/* Standard options */
static int index[SNDRV_CARDS] = SNDRV_DEFAULT_IDX;
static char *id[SNDRV_CARDS] = SNDRV_DEFAULT_STR;
static bool enable[SNDRV_CARDS] = SNDRV_DEFAULT_ENABLE_PNP;
module_param_array(index, int, NULL, 0444);
MODULE_PARM_DESC(index, "Index value for Digigram Lola driver.");
module_param_array(id, charp, NULL, 0444);
Reported by FlawFinder.
Line: 670
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
goto errout;
}
strcpy(card->driver, "Lola");
strscpy(card->shortname, "Digigram Lola", sizeof(card->shortname));
snprintf(card->longname, sizeof(card->longname),
"%s at 0x%lx irq %i",
card->shortname, chip->bar[0].addr, chip->irq);
strcpy(card->mixername, card->shortname);
Reported by FlawFinder.
net/sunrpc/xprtrdma/svc_rdma.c
3 issues
Line: 81
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
void *buffer, size_t *lenp, loff_t *ppos)
{
struct percpu_counter *stat = (struct percpu_counter *)table->data;
char tmp[SVCRDMA_COUNTER_BUFSIZ + 1];
int len;
if (write) {
percpu_counter_set(stat, 0);
return 0;
Reported by FlawFinder.
Line: 102
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (len > *lenp)
len = *lenp;
if (len)
memcpy(buffer, tmp, len);
*lenp = len;
*ppos += len;
return 0;
}
Reported by FlawFinder.
Line: 93
Column: 8
CWE codes:
126
percpu_counter_sum_positive(stat));
if (len >= SVCRDMA_COUNTER_BUFSIZ)
return -EFAULT;
len = strlen(tmp);
if (*ppos > len) {
*lenp = 0;
return 0;
}
len -= *ppos;
Reported by FlawFinder.
net/sunrpc/xprtrdma/svc_rdma_backchannel.c
3 issues
Line: 37
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
goto out_unlock;
dst = &req->rq_private_buf.head[0];
memcpy(&req->rq_private_buf, &req->rq_rcv_buf, sizeof(struct xdr_buf));
if (dst->iov_len < src->iov_len)
goto out_unlock;
memcpy(dst->iov_base, src->iov_base, src->iov_len);
xprt_pin_rqst(req);
spin_unlock(&xprt->queue_lock);
Reported by FlawFinder.
Line: 40
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
memcpy(&req->rq_private_buf, &req->rq_rcv_buf, sizeof(struct xdr_buf));
if (dst->iov_len < src->iov_len)
goto out_unlock;
memcpy(dst->iov_base, src->iov_base, src->iov_len);
xprt_pin_rqst(req);
spin_unlock(&xprt->queue_lock);
credits = be32_to_cpup(rdma_resp + 2);
if (credits == 0)
Reported by FlawFinder.
Line: 268
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
xprt->prot = XPRT_TRANSPORT_BC_RDMA;
xprt->ops = &xprt_rdma_bc_procs;
memcpy(&xprt->addr, args->dstaddr, args->addrlen);
xprt->addrlen = args->addrlen;
xprt_rdma_format_addresses(xprt, (struct sockaddr *)&xprt->addr);
xprt->resvport = 0;
xprt->max_payload = xprt_rdma_max_inline_read;
Reported by FlawFinder.
scripts/kconfig/tests/auto_submenu/__init__.py
3 issues
Line: 11
Column: 1
"""
def test(conf):
assert conf.oldaskconfig() == 0
assert conf.stdout_contains('expected_stdout')
Reported by Pylint.
Line: 12
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test(conf):
assert conf.oldaskconfig() == 0
assert conf.stdout_contains('expected_stdout')
Reported by Bandit.
Line: 13
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test(conf):
assert conf.oldaskconfig() == 0
assert conf.stdout_contains('expected_stdout')
Reported by Bandit.