The following issues were found

drivers/iio/adc/ad7768-1.c
2 issues
sprintf - Does not check for buffer overflows
Security

Line: 420 Column: 9 CWE codes: 120
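Suggestion: Use sprintf_s, snprintf, or vsnprintf
Note: this file is Linux kernel code, where sprintf_s is not available. The bounded formatters there are snprintf()/scnprintf(), and sysfs_emit() for sysfs show callbacks that write into the PAGE_SIZE attribute buffer.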

              {
	struct ad7768_state *st = iio_priv(indio_dev);

	return sprintf(label, "%s\n", st->labels[chan->channel]);
}

static struct attribute *ad7768_attributes[] = {
	&iio_dev_attr_sampling_frequency_available.dev_attr.attr,
	NULL

            

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 164 Column: 8 CWE codes: 119 120
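Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
Note: the flagged declaration is `const char *labels[ARRAY_SIZE(ad7768_channels)]`, an array of string pointers rather than a character buffer, so a string-length overflow does not apply to it directly. The check that matters is that every index used on it (for example `chan->channel` in the sprintf excerpt above) stays below ARRAY_SIZE(ad7768_channels).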

              	struct completion completion;
	struct iio_trigger *trig;
	struct gpio_desc *gpio_sync_in;
	const char *labels[ARRAY_SIZE(ad7768_channels)];
	/*
	 * DMA (thus cache coherency maintenance) requires the
	 * transfer buffers to live in their own cache lines.
	 */
	union {

            

Reported by FlawFinder.

drivers/iio/adc/ad7887.c
2 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 66 Column: 11 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	struct spi_transfer		xfer[4];
	struct spi_message		msg[3];
	struct spi_message		*ring_msg;
	unsigned char			tx_cmd_buf[4];

	/*
	 * DMA (thus cache coherency maintenance) requires the
	 * transfer buffers to live in their own cache lines.
	 * Buffer needs to be large enough to hold two 16 bit samples and a

            

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 74 Column: 11 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	 * Buffer needs to be large enough to hold two 16 bit samples and a
	 * 64 bit aligned 64 bit timestamp.
	 */
	unsigned char data[ALIGN(4, sizeof(s64)) + sizeof(s64)]
		____cacheline_aligned;
};

enum ad7887_supported_device_ids {
	ID_AD7887

            

Reported by FlawFinder.

drivers/iio/adc/ad9467.c
2 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 129 Column: 11 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              
static int ad9467_spi_read(struct spi_device *spi, unsigned int reg)
{
	unsigned char tbuf[2], rbuf[1];
	int ret;

	tbuf[0] = 0x80 | (reg >> 8);
	tbuf[1] = reg & 0xFF;


            

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 148 Column: 11 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              static int ad9467_spi_write(struct spi_device *spi, unsigned int reg,
			    unsigned int val)
{
	unsigned char buf[3];

	buf[0] = reg >> 8;
	buf[1] = reg & 0xFF;
	buf[2] = val;


            

Reported by FlawFinder.

drivers/iio/adc/envelope-detector.c
2 issues
sprintf - Does not check for buffer overflows
Security

Line: 237 Column: 9 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf

              {
	struct envelope *env = iio_priv(indio_dev);

	return sprintf(buf, "%u\n", env->invert);
}

static ssize_t envelope_store_invert(struct iio_dev *indio_dev,
				     uintptr_t private,
				     struct iio_chan_spec const *ch,

            

Reported by FlawFinder.

sprintf - Does not check for buffer overflows
Security

Line: 277 Column: 9 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf

              {
	struct envelope *env = iio_priv(indio_dev);

	return sprintf(buf, "%u\n", env->comp_interval);
}

static ssize_t envelope_store_comp_interval(struct iio_dev *indio_dev,
					    uintptr_t private,
					    struct iio_chan_spec const *ch,

            

Reported by FlawFinder.

drivers/iio/adc/hx711.c
2 issues
sprintf - Does not check for buffer overflows
Security

Line: 396 Column: 11 CWE codes: 120
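Suggestion: Use sprintf_s, snprintf, or vsnprintf
Note: here sprintf() appends at buf + len inside a loop, so the total written grows with the number of matching entries (at most HX711_GAIN_MAX iterations of one short numeric field each). The length-tracking replacement for this append pattern in kernel sysfs code is sysfs_emit_at(buf, len, ...).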

              
	for (i = 0; i < HX711_GAIN_MAX; i++)
		if (hx711_gain_to_scale[i].channel == channel)
			len += sprintf(buf + len, "0.%09d ",
					hx711_gain_to_scale[i].scale);

	len += sprintf(buf + len, "\n");

	return len;

            

Reported by FlawFinder.

sprintf - Does not check for buffer overflows
Security

Line: 399 Column: 9 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf

              			len += sprintf(buf + len, "0.%09d ",
					hx711_gain_to_scale[i].scale);

	len += sprintf(buf + len, "\n");

	return len;
}

static IIO_DEVICE_ATTR(in_voltage0_scale_available, S_IRUGO,

            

Reported by FlawFinder.

drivers/iio/adc/ltc2496.c
2 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 30 Column: 11 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	 * DMA (thus cache coherency maintenance) requires the
	 * transfer buffers to live in their own cache lines.
	 */
	unsigned char rxbuf[3] ____cacheline_aligned;
	unsigned char txbuf[3];
};

static int ltc2496_result_and_measure(struct ltc2497core_driverdata *ddata,
				      u8 address, int *val)

            

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 31 Column: 11 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	 * transfer buffers to live in their own cache lines.
	 */
	unsigned char rxbuf[3] ____cacheline_aligned;
	unsigned char txbuf[3];
};

static int ltc2496_result_and_measure(struct ltc2497core_driverdata *ddata,
				      u8 address, int *val)
{

            

Reported by FlawFinder.

drivers/iio/adc/mxs-lradc-adc.c
2 issues
sprintf - Does not check for buffer overflows
Security

Line: 326 Column: 10 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf

              
	ch = iio_attr->address;
	for (i = 0; i < ARRAY_SIZE(adc->scale_avail[ch]); i++)
		len += sprintf(buf + len, "%u.%09u ",
			       adc->scale_avail[ch][i].integer,
			       adc->scale_avail[ch][i].nano);

	len += sprintf(buf + len, "\n");


            

Reported by FlawFinder.

sprintf - Does not check for buffer overflows
Security

Line: 330 Column: 9 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf

              			       adc->scale_avail[ch][i].integer,
			       adc->scale_avail[ch][i].nano);

	len += sprintf(buf + len, "\n");

	return len;
}

#define SHOW_SCALE_AVAILABLE_ATTR(ch)\

            

Reported by FlawFinder.

drivers/iio/adc/ti-ads8688.c
2 issues
sprintf - Does not check for buffer overflows
Security

Line: 123 Column: 9 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf

              {
	struct ads8688_state *st = iio_priv(dev_to_iio_dev(dev));

	return sprintf(buf, "0.%09u 0.%09u 0.%09u\n",
		       ads8688_range_def[0].scale * st->vref_mv,
		       ads8688_range_def[1].scale * st->vref_mv,
		       ads8688_range_def[2].scale * st->vref_mv);
}


            

Reported by FlawFinder.

sprintf - Does not check for buffer overflows
Security

Line: 132 Column: 9 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf

              static ssize_t ads8688_show_offsets(struct device *dev,
				    struct device_attribute *attr, char *buf)
{
	/*
	 * Formats the offsets of ads8688_range_def[0] and ads8688_range_def[3]
	 * as "<a> <b>\n" into buf and returns the character count that
	 * sprintf() reports.
	 *
	 * NOTE(review): sprintf() writes without a length limit, which is why
	 * the scanner flags this line. The output is two %d conversions plus a
	 * space and a newline, so its length is bounded by the format (at most
	 * 11 characters per value for a 32-bit int). Whether that fits depends
	 * on the size of buf, which this excerpt does not show. The signature
	 * looks like a sysfs device-attribute show callback, where buf is
	 * presumably the PAGE_SIZE sysfs buffer -- confirm against the
	 * attribute registration; if so, sysfs_emit() is the bounded helper
	 * to prefer.
	 */
	return sprintf(buf, "%d %d\n", ads8688_range_def[0].offset,
		       ads8688_range_def[3].offset);
}

/*
 * Declares the in_voltage_scale_available device attribute with mode S_IRUGO
 * (read-only), ads8688_show_scales as its show callback, no store callback
 * (NULL) and address 0.
 */
static IIO_DEVICE_ATTR(in_voltage_scale_available, S_IRUGO,
		       ads8688_show_scales, NULL, 0);

            

Reported by FlawFinder.

drivers/iio/adc/xilinx-xadc.h
2 issues
read - Check buffer boundaries if used in a loop including recursive loops
Security

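Line: 79 Column: 8 CWE codes: 120 20
Note: the match is on a member named `read`, a function pointer in struct xadc_ops that takes a register number and a `uint16_t *`. It is not the POSIX read() call this rule targets, so there is no byte count or destination buffer to bound in this excerpt. The same applies to the call through `xadc->ops->read` reported at line 95.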

              };

struct xadc_ops {
	int (*read)(struct xadc *xadc, unsigned int reg, uint16_t *val);
	int (*write)(struct xadc *xadc, unsigned int reg, uint16_t val);
	int (*setup)(struct platform_device *pdev, struct iio_dev *indio_dev,
			int irq);
	void (*update_alarm)(struct xadc *xadc, unsigned int alarm);
	unsigned long (*get_dclk_rate)(struct xadc *xadc);

            

Reported by FlawFinder.

read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 95 Column: 20 CWE codes: 120 20

              	uint16_t *val)
{
	lockdep_assert_held(&xadc->mutex);
	return xadc->ops->read(xadc, reg, val);
}

static inline int _xadc_write_adc_reg(struct xadc *xadc, unsigned int reg,
	uint16_t val)
{

            

Reported by FlawFinder.

drivers/iio/amplifiers/ad8366.c
2 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 44 Column: 11 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	struct regulator	*reg;
	struct mutex            lock; /* protect sensor state */
	struct gpio_desc	*reset_gpio;
	unsigned char		ch[2];
	enum ad8366_type	type;
	struct ad8366_info	*info;
	/*
	 * DMA (thus cache coherency maintenance) requires the
	 * transfer buffers to live in their own cache lines.

            

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 51 Column: 11 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	 * DMA (thus cache coherency maintenance) requires the
	 * transfer buffers to live in their own cache lines.
	 */
	unsigned char		data[2] ____cacheline_aligned;
};

static struct ad8366_info ad8366_infos[] = {
	[ID_AD8366] = {
		.gain_min = 4500,

            

Reported by FlawFinder.