The following issues were found
drivers/net/ethernet/mellanox/mlxsw/core_acl_flex_keys.h
2 issues
Line: 203
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct mlxsw_afk_element_values {
struct mlxsw_afk_element_usage elusage;
struct {
char key[MLXSW_AFK_ELEMENT_STORAGE_SIZE];
char mask[MLXSW_AFK_ELEMENT_STORAGE_SIZE];
} storage;
};
void mlxsw_afk_values_add_u32(struct mlxsw_afk_element_values *values,
Reported by FlawFinder.
Line: 204
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct mlxsw_afk_element_usage elusage;
struct {
char key[MLXSW_AFK_ELEMENT_STORAGE_SIZE];
char mask[MLXSW_AFK_ELEMENT_STORAGE_SIZE];
} storage;
};
void mlxsw_afk_values_add_u32(struct mlxsw_afk_element_values *values,
enum mlxsw_afk_element element,
Reported by FlawFinder.
drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.c
2 issues
Line: 29
Column: 19
CWE codes:
120
20
if (!mbx->ops)
return IXGBE_ERR_MBX;
return mbx->ops->read(hw, msg, size, mbx_id);
}
/**
* ixgbe_write_mbx - Write a message to the mailbox
* @hw: pointer to the HW structure
Reported by FlawFinder.
Line: 179
Column: 19
CWE codes:
120
20
return ret_val;
/* if ack received read message */
return mbx->ops->read(hw, msg, size, mbx_id);
}
/**
* ixgbe_write_posted_mbx - Write a message to the mailbox, wait for ack
* @hw: pointer to the HW structure
Reported by FlawFinder.
drivers/net/ethernet/mellanox/mlxsw/item.h
2 issues
Line: 184
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
{
unsigned int offset = __mlxsw_item_offset(item, index, sizeof(char));
memcpy(dst, &buf[offset], item->size.bytes);
}
static inline void __mlxsw_item_memcpy_to(char *buf, const char *src,
const struct mlxsw_item *item,
unsigned short index)
Reported by FlawFinder.
Line: 193
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
{
unsigned int offset = __mlxsw_item_offset(item, index, sizeof(char));
memcpy(&buf[offset], src, item->size.bytes);
}
static inline char *__mlxsw_item_data(char *buf, const struct mlxsw_item *item,
unsigned short index)
{
Reported by FlawFinder.
drivers/net/ethernet/intel/ixgbe/ixgbe_dcb_nl.c
2 issues
Line: 541
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
map_chg = 1;
}
memcpy(adapter->ixgbe_ieee_ets, ets, sizeof(*adapter->ixgbe_ieee_ets));
if (max_tc)
max_tc++;
if (max_tc > adapter->dcb_cfg.num_tcs.pg_tcs)
Reported by FlawFinder.
Line: 604
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
prio_tc = adapter->ixgbe_ieee_ets->prio_tc;
memcpy(adapter->ixgbe_ieee_pfc, pfc, sizeof(*adapter->ixgbe_ieee_pfc));
/* Enable link flow control parameters if PFC is disabled */
if (pfc->pfc_en)
err = ixgbe_dcb_hw_pfc_config(hw, pfc->pfc_en, prio_tc);
else
Reported by FlawFinder.
drivers/net/ethernet/mellanox/mlxsw/spectrum.h
2 issues
Line: 115
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct mlxsw_sp_mid {
struct list_head list;
unsigned char addr[ETH_ALEN];
u16 fid;
u16 mid;
bool in_hw;
unsigned long *ports_in_mid; /* bits array */
};
Reported by FlawFinder.
Line: 155
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct mlxsw_sp_port **ports;
struct mlxsw_core *core;
const struct mlxsw_bus_info *bus_info;
unsigned char base_mac[ETH_ALEN];
const unsigned char *mac_mask;
struct mlxsw_sp_upper *lags;
struct mlxsw_sp_port_mapping **port_mapping;
struct rhashtable sample_trigger_ht;
struct mlxsw_sp_sb *sb;
Reported by FlawFinder.
drivers/net/ethernet/mellanox/mlxsw/spectrum2_acl_tcam.c
2 issues
Line: 74
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
struct mlxsw_sp2_acl_tcam *tcam = priv;
struct mlxsw_afa_block *afa_block;
char pefa_pl[MLXSW_REG_PEFA_LEN];
char pgcr_pl[MLXSW_REG_PGCR_LEN];
char *enc_actions;
int i;
int err;
Reported by FlawFinder.
Line: 75
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct mlxsw_sp2_acl_tcam *tcam = priv;
struct mlxsw_afa_block *afa_block;
char pefa_pl[MLXSW_REG_PEFA_LEN];
char pgcr_pl[MLXSW_REG_PGCR_LEN];
char *enc_actions;
int i;
int err;
tcam->kvdl_count = _tcam->max_regions;
Reported by FlawFinder.
drivers/net/ethernet/intel/ixgbe/ixgbe_82598.c
2 issues
Line: 1061
Column: 17
CWE codes:
120
20
ixgbe_set_lan_id_multi_port_pcie(hw);
/* check if LAN0 is disabled */
hw->eeprom.ops.read(hw, IXGBE_PCIE_GENERAL_PTR, &pci_gen);
if ((pci_gen != 0) && (pci_gen != 0xFFFF)) {
hw->eeprom.ops.read(hw, pci_gen + IXGBE_PCIE_CTRL2, &pci_ctrl2);
/* if LAN0 is completely disabled force function to 0 */
Reported by FlawFinder.
Line: 1064
Column: 18
CWE codes:
120
20
hw->eeprom.ops.read(hw, IXGBE_PCIE_GENERAL_PTR, &pci_gen);
if ((pci_gen != 0) && (pci_gen != 0xFFFF)) {
hw->eeprom.ops.read(hw, pci_gen + IXGBE_PCIE_CTRL2, &pci_ctrl2);
/* if LAN0 is completely disabled force function to 0 */
if ((pci_ctrl2 & IXGBE_PCIE_CTRL2_LAN_DISABLE) &&
!(pci_ctrl2 & IXGBE_PCIE_CTRL2_DISABLE_SELECT) &&
!(pci_ctrl2 & IXGBE_PCIE_CTRL2_DUMMY_ENABLE)) {
Reported by FlawFinder.
drivers/net/ethernet/mellanox/mlxsw/spectrum_dpipe.c
2 issues
Line: 474
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* Set Match DIP */
value = &entry->match_values[MLXSW_SP_DPIPE_TABLE_HOST_MATCH_DIP];
memcpy(value->value, dip, value->value_size);
/* Set Action DMAC */
value = entry->action_values;
ha_value = value->value;
ether_addr_copy(ha_value, ha);
Reported by FlawFinder.
Line: 1181
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static int mlxsw_sp_dpipe_table_adj_counters_update(void *priv, bool enable)
{
char ratr_pl[MLXSW_REG_RATR_LEN];
struct mlxsw_sp *mlxsw_sp = priv;
struct mlxsw_sp_nexthop *nh;
u32 adj_hash_index = 0;
u32 adj_index = 0;
u32 adj_size = 0;
Reported by FlawFinder.
drivers/net/ethernet/intel/igc/igc_phy.c
2 issues
Line: 672
Column: 36
CWE codes:
120
20
* @read: boolean flag to indicate read or write
*/
static s32 __igc_access_xmdio_reg(struct igc_hw *hw, u16 address,
u8 dev_addr, u16 *data, bool read)
{
s32 ret_val;
ret_val = hw->phy.ops.write_reg(hw, IGC_MMDAC, dev_addr);
if (ret_val)
Reported by FlawFinder.
Line: 689
Column: 6
CWE codes:
120
20
if (ret_val)
return ret_val;
if (read)
ret_val = hw->phy.ops.read_reg(hw, IGC_MMDAAD, data);
else
ret_val = hw->phy.ops.write_reg(hw, IGC_MMDAAD, *data);
if (ret_val)
return ret_val;
Reported by FlawFinder.
drivers/net/ethernet/mellanox/mlxsw/spectrum_policer.c
2 issues
Line: 159
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
u64 rate_kbps = mlxsw_sp_policer_rate_bytes_ps_kbps(policer->params.rate);
u8 bs = mlxsw_sp_policer_burst_bytes_hw_units(policer->params.burst);
struct mlxsw_sp *mlxsw_sp = family->mlxsw_sp;
char qpcr_pl[MLXSW_REG_QPCR_LEN];
mlxsw_reg_qpcr_pack(qpcr_pl, policer->index, MLXSW_REG_QPCR_IR_UNITS_K,
true, rate_kbps, bs);
mlxsw_reg_qpcr_clear_counter_set(qpcr_pl, true);
Reported by FlawFinder.
Line: 290
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
u16 policer_index, u64 *p_drops)
{
struct mlxsw_sp_policer_family *family;
char qpcr_pl[MLXSW_REG_QPCR_LEN];
int err;
family = mlxsw_sp->policer_core->family_arr[type];
MLXSW_REG_ZERO(qpcr, qpcr_pl);
Reported by FlawFinder.