The following issues were found
arch/s390/boot/ipl_report.c
2 issues
Line: 82
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
ptr = (struct ipl_rb_component_entry *) early_ipl_comp_list_addr;
for_each_rb_entry(comp, comps)
memcpy(ptr++, comp, sizeof(*ptr));
}
static void copy_certificates_bootdata(struct ipl_rb_certificates *certs)
{
struct ipl_rb_certificate_entry *cert;
Reported by FlawFinder.
Line: 94
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
for_each_rb_entry(cert, certs) {
*(unsigned int *) ptr = cert->len;
ptr += sizeof(unsigned int);
memcpy(ptr, (void *) cert->addr, cert->len);
ptr += cert->len;
}
}
unsigned long read_ipl_report(unsigned long safe_addr)
Reported by FlawFinder.
arch/s390/crypto/sha1_s390.c
2 issues
Line: 62
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
const struct sha1_state *ictx = in;
sctx->count = ictx->count;
memcpy(sctx->state, ictx->state, sizeof(ictx->state));
memcpy(sctx->buf, ictx->buffer, sizeof(ictx->buffer));
sctx->func = CPACF_KIMD_SHA_1;
return 0;
}
Reported by FlawFinder.
Line: 63
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
sctx->count = ictx->count;
memcpy(sctx->state, ictx->state, sizeof(ictx->state));
memcpy(sctx->buf, ictx->buffer, sizeof(ictx->buffer));
sctx->func = CPACF_KIMD_SHA_1;
return 0;
}
static struct shash_alg alg = {
Reported by FlawFinder.
arch/s390/crypto/sha256_s390.c
2 issues
Line: 55
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
const struct sha256_state *ictx = in;
sctx->count = ictx->count;
memcpy(sctx->state, ictx->state, sizeof(ictx->state));
memcpy(sctx->buf, ictx->buf, sizeof(ictx->buf));
sctx->func = CPACF_KIMD_SHA_256;
return 0;
}
Reported by FlawFinder.
Line: 56
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
sctx->count = ictx->count;
memcpy(sctx->state, ictx->state, sizeof(ictx->state));
memcpy(sctx->buf, ictx->buf, sizeof(ictx->buf));
sctx->func = CPACF_KIMD_SHA_256;
return 0;
}
static struct shash_alg sha256_alg = {
Reported by FlawFinder.
arch/s390/crypto/sha512_s390.c
2 issues
Line: 60
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return -ERANGE;
sctx->count = ictx->count[0];
memcpy(sctx->state, ictx->state, sizeof(ictx->state));
memcpy(sctx->buf, ictx->buf, sizeof(ictx->buf));
sctx->func = CPACF_KIMD_SHA_512;
return 0;
}
Reported by FlawFinder.
Line: 61
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
sctx->count = ictx->count[0];
memcpy(sctx->state, ictx->state, sizeof(ictx->state));
memcpy(sctx->buf, ictx->buf, sizeof(ictx->buf));
sctx->func = CPACF_KIMD_SHA_512;
return 0;
}
static struct shash_alg sha512_alg = {
Reported by FlawFinder.
arch/s390/include/asm/ctl_reg.h
2 issues
Line: 37
Column: 19
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#include <linux/bug.h>
#define __ctl_load(array, low, high) do { \
typedef struct { char _[sizeof(array)]; } addrtype; \
\
BUILD_BUG_ON(sizeof(addrtype) != (high - low + 1) * sizeof(long));\
asm volatile( \
" lctlg %1,%2,%0\n" \
: \
Reported by FlawFinder.
Line: 48
Column: 19
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
} while (0)
#define __ctl_store(array, low, high) do { \
typedef struct { char _[sizeof(array)]; } addrtype; \
\
BUILD_BUG_ON(sizeof(addrtype) != (high - low + 1) * sizeof(long));\
asm volatile( \
" stctg %1,%2,%0\n" \
: "=Q" (*(addrtype *)(&array)) \
Reported by FlawFinder.
arch/s390/include/asm/fpu/internal.h
2 issues
Line: 48
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (MACHINE_HAS_VX)
convert_vx_to_fp((freg_t *)&fpregs->fprs, fpu->vxrs);
else
memcpy((freg_t *)&fpregs->fprs, fpu->fprs,
sizeof(fpregs->fprs));
}
static inline void fpregs_load(_s390_fp_regs *fpregs, struct fpu *fpu)
{
Reported by FlawFinder.
Line: 58
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (MACHINE_HAS_VX)
convert_fp_to_vx(fpu->vxrs, (freg_t *)&fpregs->fprs);
else
memcpy(fpu->fprs, (freg_t *)&fpregs->fprs,
sizeof(fpregs->fprs));
}
#endif /* _ASM_S390_FPU_INTERNAL_H */
Reported by FlawFinder.
arch/s390/include/asm/ipl.h
2 issues
Line: 25
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct ipl_pb0_fcp fcp;
struct ipl_pb0_ccw ccw;
struct ipl_pb0_nvme nvme;
char raw[PAGE_SIZE - sizeof(struct ipl_pl_hdr)];
};
} __packed __aligned(PAGE_SIZE);
#define NSS_NAME_SIZE 8
Reported by FlawFinder.
Line: 89
Column: 4
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
u32 nsid;
} nvme;
struct {
char name[NSS_NAME_SIZE + 1];
} nss;
} data;
};
extern struct ipl_info ipl_info;
Reported by FlawFinder.
arch/s390/include/asm/pci_debug.h
2 issues
Line: 16
Column: 3
CWE codes:
134
Suggestion:
Use a constant for the format specification
#define zpci_err(text...) \
do { \
char debug_buffer[16]; \
snprintf(debug_buffer, 16, text); \
debug_text_event(pci_debug_err_id, 0, debug_buffer); \
} while (0)
static inline void zpci_err_hex(void *addr, int len)
{
Reported by FlawFinder.
Line: 15
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#define zpci_err(text...) \
do { \
char debug_buffer[16]; \
snprintf(debug_buffer, 16, text); \
debug_text_event(pci_debug_err_id, 0, debug_buffer); \
} while (0)
static inline void zpci_err_hex(void *addr, int len)
Reported by FlawFinder.
arch/s390/include/asm/setup.h
2 issues
Line: 77
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned long oldmem_base; /* 0x10418 */
unsigned long oldmem_size; /* 0x10420 */
unsigned long kernel_version; /* 0x10428 */
char pad1[0x10480 - 0x10430]; /* 0x10430 - 0x10480 */
char command_line[ARCH_COMMAND_LINE_SIZE]; /* 0x10480 */
};
extern struct parmarea parmarea;
Reported by FlawFinder.
Line: 78
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned long oldmem_size; /* 0x10420 */
unsigned long kernel_version; /* 0x10428 */
char pad1[0x10480 - 0x10430]; /* 0x10430 - 0x10480 */
char command_line[ARCH_COMMAND_LINE_SIZE]; /* 0x10480 */
};
extern struct parmarea parmarea;
extern unsigned int zlib_dfltcc_support;
Reported by FlawFinder.
arch/s390/include/asm/timex.h
2 issues
Line: 90
Column: 17
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
void __init time_early_init(void);
extern unsigned char ptff_function_mask[16];
/* Function codes for the ptff instruction. */
#define PTFF_QAF 0x00 /* query available functions */
#define PTFF_QTO 0x01 /* query tod offset */
#define PTFF_QSI 0x02 /* query steering information */
Reported by FlawFinder.
Line: 143
Column: 20
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
*/
#define ptff(ptff_block, len, func) \
({ \
struct addrtype { char _[len]; }; \
unsigned int reg0 = func; \
unsigned long reg1 = (unsigned long)(ptff_block); \
int rc; \
\
asm volatile( \
Reported by FlawFinder.