The following issues were found

drivers/net/ethernet/qlogic/qed/qed_devlink.c
2 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 160 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	struct qed_devlink *qed_dl = devlink_priv(devlink);
	struct qed_dev *cdev = qed_dl->cdev;
	struct qed_dev_info *dev_info;
	char buf[100];
	int err;

	dev_info = &cdev->common_dev_info;

	err = devlink_info_driver_name_put(req, KBUILD_MODNAME);

Reported by FlawFinder.

memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 169 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              	if (err)
		return err;

	memcpy(buf, cdev->hwfns[0].hw_info.part_num, sizeof(cdev->hwfns[0].hw_info.part_num));
	buf[sizeof(cdev->hwfns[0].hw_info.part_num)] = 0;

	if (buf[0]) {
		err = devlink_info_board_serial_number_put(req, buf);
		if (err)

Reported by FlawFinder.

drivers/net/ethernet/qlogic/qed/qed_l2.h
2 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 78 Column: 11 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	u8 is_tx_filter;
	u8 vport_to_add_to;
	u8 vport_to_remove_from;
	unsigned char mac[ETH_ALEN];
	u8 assert_on_error;
	u16 vlan;
	u32 vni;
};

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 91 Column: 11 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	u8 vport_to_remove_from;
	u8 num_mc_addrs;
#define QED_MAX_MC_ADDRS        64
	unsigned char mac[QED_MAX_MC_ADDRS][ETH_ALEN];
};

/**
 * @brief qed_eth_rx_queue_stop - This ramrod closes an Rx queue
 *

Reported by FlawFinder.

drivers/net/ethernet/qlogic/qede/qede_dcbnl.c
2 issues
setstate - This function is not sufficiently random for security-related functions such as key and nonce creation
Security

Line: 24 Column: 25 CWE codes: 327
Suggestion: Use a more secure technique for acquiring random values 

              {
	struct qede_dev *edev = netdev_priv(netdev);

	return edev->ops->dcb->setstate(edev->cdev, state);
}

static void qede_dcbnl_getpermhwaddr(struct net_device *netdev,
				     u8 *perm_addr)
{

Reported by FlawFinder.

memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 30 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              static void qede_dcbnl_getpermhwaddr(struct net_device *netdev,
				     u8 *perm_addr)
{
	memcpy(perm_addr, netdev->dev_addr, netdev->addr_len);
}

static void qede_dcbnl_getpgtccfgtx(struct net_device *netdev, int prio,
				    u8 *prio_type, u8 *pgid, u8 *bw_pct,
				    u8 *up_map)

Reported by FlawFinder.

drivers/net/ethernet/intel/ice/ice_lan_tx_rx.h
2 issues
read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 14 Column: 4 CWE codes: 120 20 

              			/* bit 0 of hdr_addr is DD bit */
		__le64 rsvd1;
		__le64 rsvd2;
	} read;
	struct {
		struct {
			struct {
				__le16 mirroring_status;
				__le16 l2tag1;

Reported by FlawFinder.

read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 232 Column: 4 CWE codes: 120 20 

              				 /* bit 0 of hdr_addr is DD bit */
		__le64 rsvd1;
		__le64 rsvd2;
	} read;
	struct {
		/* Qword 0 */
		u8 rxdid; /* descriptor builder profile ID */
		u8 mir_id_umb_cast; /* mirror=[5:0], umb=[7:6] */
		__le16 ptype_flex_flags0; /* ptype=[9:0], ff0=[15:10] */

Reported by FlawFinder.

drivers/net/ethernet/intel/ice/ice_fw_update.c
2 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 232 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              	comp_tbl->comp_cmp_stamp = cpu_to_le32(component->comparison_stamp);
	comp_tbl->cvs_type = component->version_type;
	comp_tbl->cvs_len = component->version_len;
	memcpy(comp_tbl->cvs, component->version_string, component->version_len);

	dev_dbg(dev, "Sending component table to firmware:\n");

	status = ice_nvm_pass_component_tbl(hw, (u8 *)comp_tbl, length,
					    transfer_flag, &comp_response,

Reported by FlawFinder.

memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 394 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              		 * buffer, so we must make a copy since the source data is
		 * constant.
		 */
		memcpy(block, image + offset, block_size);

		err = ice_write_one_nvm_block(pf, module, offset, block_size,
					      block, last_cmd, extack);
		if (err)
			break;

Reported by FlawFinder.

drivers/net/ethernet/qlogic/qlcnic/qlcnic_minidump.c
2 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 843 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              			goto free_dma_descr;
		}

		memcpy(buffer, dma_buffer, size);
		buffer += size / 4;
		read_size += size;
	}

free_dma_descr:

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 1298 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	void *tmpl_hdr;
	u32 ocm_window;
	__le32 *buffer;
	char mesg[64];
	char *msg[] = {mesg, NULL};

	ahw = adapter->ahw;
	tmpl_hdr = fw_dump->tmpl_hdr;

Reported by FlawFinder.

drivers/net/ethernet/qualcomm/emac/emac-ethtool.c
2 issues
strcpy - Does not check for buffer overflows when copying to destination [MS-banned]
Security

Line: 98 Column: 3 CWE codes: 120
Suggestion: Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused) 

              
	switch (stringset) {
	case ETH_SS_PRIV_FLAGS:
		strcpy(data, "single-pause-mode");
		break;

	case ETH_SS_STATS:
		for (i = 0; i < EMAC_STATS_LEN; i++) {
			strlcpy(data, emac_ethtool_stat_strings[i],

Reported by FlawFinder.

memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 120 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              	spin_lock(&adpt->stats.lock);

	emac_update_hw_stats(adpt);
	memcpy(data, &adpt->stats, EMAC_STATS_LEN * sizeof(u64));

	spin_unlock(&adpt->stats.lock);
}

static int emac_nway_reset(struct net_device *netdev)

Reported by FlawFinder.

drivers/net/ethernet/qualcomm/emac/emac-sgmii.c
2 issues
open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 58 Column: 52 CWE codes: 362 

              
int emac_sgmii_open(struct emac_adapter *adpt)
{
	if (!(adpt->phy.sgmii_ops && adpt->phy.sgmii_ops->open))
		return 0;

	return adpt->phy.sgmii_ops->open(adpt);
}

Reported by FlawFinder.

open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 61 Column: 30 CWE codes: 362 

              	if (!(adpt->phy.sgmii_ops && adpt->phy.sgmii_ops->open))
		return 0;

	return adpt->phy.sgmii_ops->open(adpt);
}

void emac_sgmii_close(struct emac_adapter *adpt)
{
	if (!(adpt->phy.sgmii_ops && adpt->phy.sgmii_ops->close))

Reported by FlawFinder.

drivers/net/ethernet/qualcomm/qca_debug.c
2 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 195 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              	struct qcaspi *qca = netdev_priv(dev);
	struct qcaspi_stats *st = &qca->stats;

	memcpy(data, st, ARRAY_SIZE(qcaspi_gstrings_stats) * sizeof(u64));
}

static void
qcaspi_get_strings(struct net_device *dev, u32 stringset, u8 *buf)
{

Reported by FlawFinder.

memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 203 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              {
	switch (stringset) {
	case ETH_SS_STATS:
		memcpy(buf, &qcaspi_gstrings_stats,
		       sizeof(qcaspi_gstrings_stats));
		break;
	default:
		WARN_ON(1);
		break;

Reported by FlawFinder.

drivers/net/ethernet/qualcomm/rmnet/rmnet_vnd.c
2 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 185 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              {
	switch (stringset) {
	case ETH_SS_STATS:
		memcpy(buf, &rmnet_gstrings_stats,
		       sizeof(rmnet_gstrings_stats));
		break;
	}
}

Reported by FlawFinder.

memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 210 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              	if (!data)
		return;

	memcpy(data, st, ARRAY_SIZE(rmnet_gstrings_stats) * sizeof(u64));
}

static const struct ethtool_ops rmnet_ethtool_ops = {
	.get_ethtool_stats = rmnet_get_ethtool_stats,
	.get_strings = rmnet_get_strings,

Reported by FlawFinder.