The following issues were found
fs/hpfs/hpfs.h
2 issues
Line: 333
Column: 6
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
#ifdef __LITTLE_ENDIAN
u8 read_only: 1; /* dos attrib */
u8 hidden: 1; /* dos attrib */
u8 system: 1; /* dos attrib */
u8 flag11: 1; /* would be volume label dos attrib */
u8 directory: 1; /* dos attrib */
u8 archive: 1; /* dos attrib */
u8 not_8x3: 1; /* name is not 8.3 */
u8 flag15: 1;
Reported by FlawFinder.
Line: 345
Column: 6
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
u8 archive: 1; /* dos attrib */
u8 directory: 1; /* dos attrib */
u8 flag11: 1; /* would be volume label dos attrib */
u8 system: 1; /* dos attrib */
u8 hidden: 1; /* dos attrib */
u8 read_only: 1; /* dos attrib */
#endif
__le32 fnode; /* fnode giving allocation info */
Reported by FlawFinder.
fs/hpfs/map.c
2 issues
Line: 100
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
brelse(bh);
return NULL;
}
memcpy(cp_table, ptr, 128);
brelse(bh);
/* Try to build lowercasing table from uppercasing one */
for (i=128; i<256; i++) cp_table[i]=i;
Reported by FlawFinder.
Line: 128
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
kfree(b);
return NULL;
}
memcpy((char *)b + 512 * i, d, 512);
brelse(bh);
}
return b;
}
Reported by FlawFinder.
fs/iomap/buffered-io.c
2 issues
Line: 223
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
BUG_ON(size > PAGE_SIZE - offset_in_page(iomap->inline_data));
addr = kmap_atomic(page);
memcpy(addr, iomap->inline_data, size);
memset(addr + size, 0, PAGE_SIZE - size);
kunmap_atomic(addr);
SetPageUptodate(page);
}
Reported by FlawFinder.
Line: 678
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
flush_dcache_page(page);
addr = kmap_atomic(page);
memcpy(iomap->inline_data + pos, addr + pos, copied);
kunmap_atomic(addr);
mark_inode_dirty(inode);
return copied;
}
Reported by FlawFinder.
fs/isofs/namei.c
2 issues
Line: 84
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* Make sure we have a full directory entry */
if (offset >= bufsize) {
int slop = bufsize - offset + de_len;
memcpy(tmpde, de, slop);
offset &= bufsize - 1;
block++;
brelse(bh);
bh = NULL;
if (offset) {
Reported by FlawFinder.
Line: 93
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
bh = isofs_bread(dir, block);
if (!bh)
return 0;
memcpy((void *) tmpde + slop, bh->b_data, offset);
}
de = tmpde;
}
dlen = de->name_len[0];
Reported by FlawFinder.
fs/jbd2/transaction.c
2 issues
Line: 923
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
source = kmap_atomic(page);
/* Fire data frozen trigger just before we copy the data */
jbd2_buffer_frozen_trigger(jh, source + offset, jh->b_triggers);
memcpy(jh->b_frozen_data, source + offset, bh->b_size);
kunmap_atomic(source);
/*
* Now that the frozen data is saved off, we need to store any matching
* triggers.
Reported by FlawFinder.
Line: 1381
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
jh->b_committed_data = committed_data;
committed_data = NULL;
memcpy(jh->b_committed_data, bh->b_data, bh->b_size);
}
spin_unlock(&jh->b_state_lock);
out:
jbd2_journal_put_journal_head(jh);
if (unlikely(committed_data))
Reported by FlawFinder.
fs/jffs2/gc.c
2 issues
Line: 860
Column: 13
CWE codes:
126
rd.magic = cpu_to_je16(JFFS2_MAGIC_BITMASK);
rd.nodetype = cpu_to_je16(JFFS2_NODETYPE_DIRENT);
rd.nsize = strlen(fd->name);
rd.totlen = cpu_to_je32(sizeof(rd) + rd.nsize);
rd.hdr_crc = cpu_to_je32(crc32(0, &rd, sizeof(struct jffs2_unknown_node)-4));
rd.pino = cpu_to_je32(f->inocache->ino);
rd.version = cpu_to_je32(++f->highest_version);
Reported by FlawFinder.
Line: 911
Column: 18
CWE codes:
126
struct jffs2_raw_node_ref *raw;
int ret;
size_t retlen;
int name_len = strlen(fd->name);
uint32_t name_crc = crc32(0, fd->name, name_len);
uint32_t rawlen = ref_totlen(c, jeb, fd->raw);
rd = kmalloc(rawlen, GFP_KERNEL);
if (!rd)
Reported by FlawFinder.
fs/jffs2/scan.c
2 issues
Line: 524
Column: 6
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
sumptr = kmalloc(sumlen, GFP_KERNEL);
if (!sumptr)
return -ENOMEM;
memcpy(sumptr + sumlen - buf_len, buf + buf_size - buf_len, buf_len);
}
if (buf_len < sumlen) {
/* Need to read more so that the entire summary node is present */
err = jffs2_fill_scan_buf(c, sumptr,
jeb->offset + c->sector_size - sumlen,
Reported by FlawFinder.
Line: 1079
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (!fd) {
return -ENOMEM;
}
memcpy(&fd->name, rd->name, checkedlen);
fd->name[checkedlen] = 0;
crc = crc32(0, fd->name, checkedlen);
if (crc != je32_to_cpu(rd->name_crc)) {
pr_notice("%s(): Name CRC failed on node at 0x%08x: Read 0x%08x, calculated 0x%08x\n",
Reported by FlawFinder.
fs/jfs/jfs_logmgr.c
2 issues
Line: 433
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
freespace = (LOGPSIZE - LOGPTLRSIZE) - dstoffset;
nbytes = min(freespace, srclen);
dst = (caddr_t) lp + dstoffset;
memcpy(dst, src, nbytes);
dstoffset += nbytes;
/* is page not full ? */
if (dstoffset < LOGPSIZE - LOGPTLRSIZE)
break;
Reported by FlawFinder.
Line: 481
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
freespace = (LOGPSIZE - LOGPTLRSIZE) - dstoffset;
nbytes = min(freespace, srclen);
dst = (caddr_t) lp + dstoffset;
memcpy(dst, src, nbytes);
dstoffset += nbytes;
srclen -= nbytes;
/* are there more to move than freespace of page ? */
Reported by FlawFinder.
fs/jfs/jfs_txnmgr.c
2 issues
Line: 2030
CWE codes:
908
pxdlock = (struct pxd_lock *) xadlock;
pxdlock->flag = mlckFREEPXD;
pxdlock->count = 1;
pxdlock->pxd = pxd;
jfs_info("xtLog: truncate ip:0x%p mp:0x%p count:%d hwm:%d",
ip, mp, pxdlock->count, hwm);
maplock->index++;
xadlock++;
Reported by Cppcheck.
Line: 2030
CWE codes:
908
pxdlock = (struct pxd_lock *) xadlock;
pxdlock->flag = mlckFREEPXD;
pxdlock->count = 1;
pxdlock->pxd = pxd;
jfs_info("xtLog: truncate ip:0x%p mp:0x%p count:%d hwm:%d",
ip, mp, pxdlock->count, hwm);
maplock->index++;
xadlock++;
Reported by Cppcheck.
fs/jfs/resize.c
2 issues
Line: 473
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
printk(KERN_ERR "jfs_extendfs: diReadSpecial(bmap) failed\n");
goto error_out;
}
memcpy(&JFS_IP(ipbmap2)->i_xtroot, &JFS_IP(ipbmap)->i_xtroot, 288);
ipbmap2->i_size = ipbmap->i_size;
ipbmap2->i_blocks = ipbmap->i_blocks;
diWriteSpecial(ipbmap2, 1);
diFreeSpecial(ipbmap2);
Reported by FlawFinder.
Line: 512
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
bh2 = sb_bread(sb, SUPER2_OFF >> sb->s_blocksize_bits);
if (bh2) {
j_sb2 = (struct jfs_superblock *)bh2->b_data;
memcpy(j_sb2, j_sb, sizeof (struct jfs_superblock));
mark_buffer_dirty(bh);
sync_dirty_buffer(bh2);
brelse(bh2);
}
Reported by FlawFinder.