The following issues were found
arch/mips/include/asm/txx9/generic.h
2 issues
Line: 32
Column: 14
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
struct pci_dev;
struct txx9_board_vec {
const char *system;
void (*prom_init)(void);
void (*mem_setup)(void);
void (*irq_setup)(void);
void (*time_init)(void);
void (*arch_init)(void);
Reported by FlawFinder.
Line: 17
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
extern struct resource txx9_ce_res[];
#define TXX9_CE(n) (unsigned long)(txx9_ce_res[(n)].start)
extern unsigned int txx9_pcode;
extern char txx9_pcode_str[8];
void txx9_reg_res_init(unsigned int pcode, unsigned long base,
unsigned long size);
extern unsigned int txx9_master_clock;
extern unsigned int txx9_cpu_clock;
Reported by FlawFinder.
arch/mips/kernel/kprobes.c
2 issues
Line: 124
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
* So, read the instruction and save it for later execution.
*/
if (insn_has_delayslot(insn))
memcpy(&p->ainsn.insn[0], p->addr + 1, sizeof(kprobe_opcode_t));
else
memcpy(&p->ainsn.insn[0], p->addr, sizeof(kprobe_opcode_t));
p->ainsn.insn[1] = breakpoint2_insn;
p->opcode = *p->addr;
Reported by FlawFinder.
Line: 126
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (insn_has_delayslot(insn))
memcpy(&p->ainsn.insn[0], p->addr + 1, sizeof(kprobe_opcode_t));
else
memcpy(&p->ainsn.insn[0], p->addr, sizeof(kprobe_opcode_t));
p->ainsn.insn[1] = breakpoint2_insn;
p->opcode = *p->addr;
out:
Reported by FlawFinder.
arch/mips/kernel/setup.c
2 issues
Line: 66
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
EXPORT_SYMBOL(mips_machtype);
static char __initdata command_line[COMMAND_LINE_SIZE];
char __initdata arcs_cmdline[COMMAND_LINE_SIZE];
#ifdef CONFIG_CMDLINE_BOOL
static const char builtin_cmdline[] __initconst = CONFIG_CMDLINE;
#else
Reported by FlawFinder.
Line: 67
Column: 1
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
EXPORT_SYMBOL(mips_machtype);
static char __initdata command_line[COMMAND_LINE_SIZE];
char __initdata arcs_cmdline[COMMAND_LINE_SIZE];
#ifdef CONFIG_CMDLINE_BOOL
static const char builtin_cmdline[] __initconst = CONFIG_CMDLINE;
#else
static const char builtin_cmdline[] __initconst = "";
Reported by FlawFinder.
arch/mips/lantiq/prom.h
2 issues
Line: 16
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct ltq_soc_info {
unsigned char *name;
unsigned int rev;
unsigned char rev_type[LTQ_SYS_REV_LEN];
unsigned int srev;
unsigned int partnum;
unsigned int type;
unsigned char sys_type[LTQ_SYS_TYPE_LEN];
unsigned char *compatible;
Reported by FlawFinder.
Line: 20
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned int srev;
unsigned int partnum;
unsigned int type;
unsigned char sys_type[LTQ_SYS_TYPE_LEN];
unsigned char *compatible;
};
extern void ltq_soc_detect(struct ltq_soc_info *i);
extern void ltq_soc_init(void);
Reported by FlawFinder.
arch/mips/lib/iomap-pci.c
2 issues
Line: 25
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/* This will eventually become a BUG_ON but for now be gentle */
if (unlikely(!ctrl->io_map_base)) {
struct pci_bus *bus = dev->bus;
char name[8];
while (bus->parent)
bus = bus->parent;
ctrl->io_map_base = base = mips_io_port_base;
Reported by FlawFinder.
Line: 32
Column: 3
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
ctrl->io_map_base = base = mips_io_port_base;
sprintf(name, "%04x:%02x", pci_domain_nr(bus), bus->number);
printk(KERN_WARNING "io_map_base of root PCI bus %s unset. "
"Trying to continue but you better\nfix this issue or "
"report it to linux-mips@vger.kernel.org or your "
"vendor.\n", name);
#ifdef CONFIG_PCI_DOMAINS
Reported by FlawFinder.
arch/mips/math-emu/cp1emu.c
2 issues
Line: 1394
Column: 23
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
* Conversion table from MIPS compare ops 48-63
* cond = ieee754dp_cmp(x,y,IEEE754_UN,sig);
*/
static const unsigned char cmptab[8] = {
0, /* cmp_0 (sig) cmp_sf */
IEEE754_CUN, /* cmp_un (sig) cmp_ngle */
IEEE754_CEQ, /* cmp_eq (sig) cmp_seq */
IEEE754_CEQ | IEEE754_CUN, /* cmp_ueq (sig) cmp_ngl */
IEEE754_CLT, /* cmp_olt (sig) cmp_lt */
Reported by FlawFinder.
Line: 1405
Column: 23
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
IEEE754_CLT | IEEE754_CEQ | IEEE754_CUN, /* cmp_ule (sig) cmp_ngt */
};
static const unsigned char negative_cmptab[8] = {
0, /* Reserved */
IEEE754_CLT | IEEE754_CGT | IEEE754_CEQ,
IEEE754_CLT | IEEE754_CGT | IEEE754_CUN,
IEEE754_CLT | IEEE754_CGT,
/* Reserved */
Reported by FlawFinder.
arch/mips/math-emu/me-debugfs.c
2 issues
Line: 44
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
{
int i = 0;
strcpy(out_name, in_name);
while (in_name[i] != '\0') {
if (out_name[i] == '_')
out_name[i] = '.';
i++;
}
Reported by FlawFinder.
Line: 192
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
struct dentry *fpuemu_debugfs_base_dir;
struct dentry *fpuemu_debugfs_inst_dir;
char name[32];
fpuemu_debugfs_base_dir = debugfs_create_dir("fpuemustats",
mips_debugfs_dir);
debugfs_create_file("fpuemustats_clear", 0444, mips_debugfs_dir, NULL,
Reported by FlawFinder.
arch/mips/mti-malta/malta-setup.c
2 issues
Line: 154
Column: 3
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
pr_warn("WARNING: PCI clock is %dMHz, setting pci_clock\n",
pciclock);
argptr += strlen(argptr);
sprintf(argptr, " pci_clock=%d", pciclock);
if (pciclock < 20 || pciclock > 66)
pr_warn("WARNING: IDE timing calculations will be "
"incorrect\n");
}
}
Reported by FlawFinder.
Line: 153
Column: 13
CWE codes:
126
if (pciclock != 33) {
pr_warn("WARNING: PCI clock is %dMHz, setting pci_clock\n",
pciclock);
argptr += strlen(argptr);
sprintf(argptr, " pci_clock=%d", pciclock);
if (pciclock < 20 || pciclock > 66)
pr_warn("WARNING: IDE timing calculations will be "
"incorrect\n");
}
Reported by FlawFinder.
arch/mips/pistachio/init.c
2 issues
Line: 89
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
base = cpu_has_veic ?
(void *)(CAC_BASE + 0xa80) :
(void *)(CAC_BASE + 0x380);
memcpy(base, except_vec_nmi, 0x80);
flush_icache_range((unsigned long)base,
(unsigned long)base + 0x80);
}
static void __init mips_ejtag_setup(void)
Reported by FlawFinder.
Line: 102
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
base = cpu_has_veic ?
(void *)(CAC_BASE + 0xa00) :
(void *)(CAC_BASE + 0x300);
memcpy(base, except_vec_ejtag_debug, 0x80);
flush_icache_range((unsigned long)base,
(unsigned long)base + 0x80);
}
void __init prom_init(void)
Reported by FlawFinder.
arch/mips/sgi-ip22/ip22-eisa.c
2 issues
Line: 53
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static char __init *decode_eisa_sig(unsigned long addr)
{
static char sig_str[EISA_SIG_LEN] __initdata;
u8 sig[4];
u16 rev;
int i;
for (i = 0; i < 4; i++) {
Reported by FlawFinder.
Line: 69
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
sig_str[1] = (((sig[0] & 3) << 3) | (sig[1] >> 5)) + ('A' - 1);
sig_str[2] = (sig[1] & 0x1f) + ('A' - 1);
rev = (sig[2] << 8) | sig[3];
sprintf(sig_str + 3, "%04X", rev);
return sig_str;
}
static irqreturn_t ip22_eisa_intr(int irq, void *dev_id)
Reported by FlawFinder.