The following issues were found
drivers/edac/i5100_edac.c
2 issues
Line: 441
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned ras,
const char *msg)
{
char detail[80];
/* Form out message */
snprintf(detail, sizeof(detail),
"bank %u, cas %u, ras %u\n",
bank, cas, ras);
Reported by FlawFinder.
Line: 463
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned ras,
const char *msg)
{
char detail[80];
/* Form out message */
snprintf(detail, sizeof(detail),
"bank %u, cas %u, ras %u\n",
bank, cas, ras);
Reported by FlawFinder.
drivers/edac/i5400_edac.c
2 issues
Line: 515
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct i5400_error_info *info,
unsigned long allErrors)
{
char msg[EDAC_MC_LABEL_LEN + 1 + 90 + 80];
int branch;
int channel;
int bank;
int buf_id;
int rank;
Reported by FlawFinder.
Line: 579
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static void i5400_process_nonfatal_error_info(struct mem_ctl_info *mci,
struct i5400_error_info *info)
{
char msg[EDAC_MC_LABEL_LEN + 1 + 90 + 80];
unsigned long allErrors;
int branch;
int channel;
int bank;
int rank;
Reported by FlawFinder.
drivers/acpi/processor_throttling.c
2 issues
Line: 439
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
result = -EFAULT;
goto end;
}
memcpy(&pr->throttling.control_register, obj.buffer.pointer,
sizeof(struct acpi_ptc_register));
/*
* status_register
*/
Reported by FlawFinder.
Line: 456
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
goto end;
}
memcpy(&pr->throttling.status_register, obj.buffer.pointer,
sizeof(struct acpi_ptc_register));
throttling = &pr->throttling;
if ((throttling->control_register.bit_width +
Reported by FlawFinder.
drivers/clk/at91/at91sam9n12.c
2 issues
Line: 112
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct clk_range range = CLK_RANGE(0, 0);
const char *slck_name, *mainxtal_name;
struct pmc_data *at91sam9n12_pmc;
const char *parent_names[6];
struct regmap *regmap;
struct clk_hw *hw;
int i;
bool bypass;
Reported by FlawFinder.
Line: 210
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
parent_names[3] = "pllbck";
parent_names[4] = "masterck_div";
for (i = 0; i < 2; i++) {
char name[6];
snprintf(name, sizeof(name), "prog%d", i);
hw = at91_clk_register_programmable(regmap, name,
parent_names, 5, i,
Reported by FlawFinder.
drivers/edac/octeon_edac-l2c.c
2 issues
Line: 64
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
union cvmx_l2c_err_tdtx err_tdtx, err_tdtx_reset;
union cvmx_l2c_err_ttgx err_ttgx, err_ttgx_reset;
char buf1[64];
char buf2[80];
err_tdtx_reset.u64 = 0;
err_tdtx.u64 = cvmx_read_csr(CVMX_L2C_ERR_TDTX(tad));
if (err_tdtx.s.dbe || err_tdtx.s.sbe ||
Reported by FlawFinder.
Line: 65
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
union cvmx_l2c_err_tdtx err_tdtx, err_tdtx_reset;
union cvmx_l2c_err_ttgx err_ttgx, err_ttgx_reset;
char buf1[64];
char buf2[80];
err_tdtx_reset.u64 = 0;
err_tdtx.u64 = cvmx_read_csr(CVMX_L2C_ERR_TDTX(tad));
if (err_tdtx.s.dbe || err_tdtx.s.sbe ||
err_tdtx.s.vdbe || err_tdtx.s.vsbe)
Reported by FlawFinder.
drivers/crypto/caam/desc_constr.h
2 issues
Line: 167
CWE codes:
476
u32 *offset = desc_end(desc);
if (len) /* avoid sparse warning: memcpy with byte count of 0 */
memcpy(offset, data, len);
(*desc) = cpu_to_caam32(caam32_to_cpu(*desc) +
(len + CAAM_CMD_SZ - 1) / CAAM_CMD_SZ);
}
Reported by Cppcheck.
Line: 167
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
u32 *offset = desc_end(desc);
if (len) /* avoid sparse warning: memcpy with byte count of 0 */
memcpy(offset, data, len);
(*desc) = cpu_to_caam32(caam32_to_cpu(*desc) +
(len + CAAM_CMD_SZ - 1) / CAAM_CMD_SZ);
}
Reported by FlawFinder.
drivers/clk/at91/at91sam9rl.c
2 issues
Line: 72
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
const char *slck_name, *mainxtal_name;
struct pmc_data *at91sam9rl_pmc;
const char *parent_names[6];
struct regmap *regmap;
struct clk_hw *hw;
int i;
i = of_property_match_string(np, "clock-names", "slow_clk");
Reported by FlawFinder.
Line: 147
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
parent_names[3] = "utmick";
parent_names[4] = "masterck_div";
for (i = 0; i < 2; i++) {
char name[6];
snprintf(name, sizeof(name), "prog%d", i);
hw = at91_clk_register_programmable(regmap, name,
parent_names, 5, i,
Reported by FlawFinder.
drivers/crypto/caam/qi.c
2 issues
Line: 367
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
drv_ctx->prehdr[0] = cpu_to_caam32((1 << PREHDR_RSLS_SHIFT) |
num_words);
drv_ctx->prehdr[1] = cpu_to_caam32(PREHDR_ABS);
memcpy(drv_ctx->sh_desc, sh_desc, desc_bytes(sh_desc));
dma_sync_single_for_device(qidev, drv_ctx->context_a,
sizeof(drv_ctx->sh_desc) +
sizeof(drv_ctx->prehdr),
DMA_BIDIRECTIONAL);
Reported by FlawFinder.
Line: 423
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
drv_ctx->prehdr[0] = cpu_to_caam32((1 << PREHDR_RSLS_SHIFT) |
num_words);
drv_ctx->prehdr[1] = cpu_to_caam32(PREHDR_ABS);
memcpy(drv_ctx->sh_desc, sh_desc, desc_bytes(sh_desc));
size = sizeof(drv_ctx->prehdr) + sizeof(drv_ctx->sh_desc);
hwdesc = dma_map_single(qidev, drv_ctx->prehdr, size,
DMA_BIDIRECTIONAL);
if (dma_mapping_error(qidev, hwdesc)) {
dev_err(qidev, "DMA map error for preheader + shdesc\n");
Reported by FlawFinder.
drivers/crypto/cavium/cpt/cptpf_main.c
2 issues
Line: 265
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
ucode = (struct ucode_header *)fw_entry->data;
mcode = &cpt->mcode[cpt->next_mc_idx];
memcpy(mcode->version, (u8 *)fw_entry->data, CPT_UCODE_VERSION_SZ);
mcode->code_size = ntohl(ucode->code_length) * 2;
if (!mcode->code_size) {
ret = -EINVAL;
goto fw_release;
}
Reported by FlawFinder.
Line: 285
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
goto fw_release;
}
memcpy((void *)mcode->code, (void *)(fw_entry->data + sizeof(*ucode)),
mcode->code_size);
/* Byte swap 64-bit */
for (j = 0; j < (mcode->code_size / 8); j++)
((__be64 *)mcode->code)[j] = cpu_to_be64(((u64 *)mcode->code)[j]);
Reported by FlawFinder.
drivers/clk/at91/at91sam9x5.c
2 issues
Line: 134
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct clk_range range = CLK_RANGE(0, 0);
const char *slck_name, *mainxtal_name;
struct pmc_data *at91sam9x5_pmc;
const char *parent_names[6];
struct regmap *regmap;
struct clk_hw *hw;
int i;
bool bypass;
Reported by FlawFinder.
Line: 235
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
parent_names[3] = "utmick";
parent_names[4] = "masterck_div";
for (i = 0; i < 2; i++) {
char name[6];
snprintf(name, sizeof(name), "prog%d", i);
hw = at91_clk_register_programmable(regmap, name,
parent_names, 5, i,
Reported by FlawFinder.