The following issues were found
drivers/scsi/arm/arxescsi.c
2 issues
Line: 217
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
struct arxescsi_info *info = (struct arxescsi_info *)host->hostdata;
static char string[150];
sprintf(string, "%s (%s) in slot %d v%s",
host->hostt->name, info->info.scsi.type, info->ec->slot_no,
VERSION);
return string;
}
Reported by FlawFinder.
Line: 215
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static const char *arxescsi_info(struct Scsi_Host *host)
{
struct arxescsi_info *info = (struct arxescsi_info *)host->hostdata;
static char string[150];
sprintf(string, "%s (%s) in slot %d v%s",
host->hostt->name, info->info.scsi.type, info->ec->slot_no,
VERSION);
Reported by FlawFinder.
drivers/scsi/arm/cumana_2.c
2 issues
Line: 300
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
struct cumanascsi2_info *info = (struct cumanascsi2_info *)host->hostdata;
static char string[150];
sprintf(string, "%s (%s) in slot %d v%s terminators o%s",
host->hostt->name, info->info.scsi.type, info->ec->slot_no,
VERSION, info->terms ? "n" : "ff");
return string;
}
Reported by FlawFinder.
Line: 298
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
const char *cumanascsi_2_info(struct Scsi_Host *host)
{
struct cumanascsi2_info *info = (struct cumanascsi2_info *)host->hostdata;
static char string[150];
sprintf(string, "%s (%s) in slot %d v%s terminators o%s",
host->hostt->name, info->info.scsi.type, info->ec->slot_no,
VERSION, info->terms ? "n" : "ff");
Reported by FlawFinder.
drivers/scsi/arm/fas216.h
2 issues
Line: 236
Column: 12
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
phase_t phase; /* current phase */
void __iomem *io_base; /* iomem base of FAS216 */
unsigned int io_shift; /* shift to adjust reg offsets by */
unsigned char cfg[4]; /* configuration registers */
const char *type; /* chip type */
unsigned int irq; /* interrupt */
int dma; /* dma channel */
struct scsi_pointer SCp; /* current commands data pointer */
Reported by FlawFinder.
Line: 247
Column: 12
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned int async_stp; /* Async transfer STP value */
unsigned char msgin_fifo; /* bytes in fifo at time of message in */
unsigned char message[256]; /* last message received from device */
unsigned char disconnectable:1; /* this command can be disconnected */
unsigned char aborting:1; /* aborting command */
} scsi;
Reported by FlawFinder.
drivers/scsi/atari_scsi.c
2 issues
Line: 319
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* If the dribble buffer was used on a read operation, copy the DMA-ed
* data to the original destination address.
*/
memcpy(atari_dma_orig_addr, phys_to_virt(atari_dma_startaddr),
hostdata->dma_len - atari_dma_residual);
atari_dma_orig_addr = NULL;
}
NCR5380_intr(irq, dev);
Reported by FlawFinder.
Line: 437
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
* wanted address.
*/
if (dir)
memcpy(atari_dma_buffer, data, count);
else
atari_dma_orig_addr = data;
addr = atari_dma_phys_buffer;
}
Reported by FlawFinder.
drivers/scsi/be2iscsi/be_cmds.c
2 issues
Line: 1445
CWE codes:
788
for (ulp_num = 0; ulp_num < BEISCSI_ULP_COUNT; ulp_num++)
if (test_bit(ulp_num, &phba->fw_config.ulp_supported))
break;
icd_count = phba->fw_config.iscsi_icd_count[ulp_num];
if (icd_count == 0 || icd_count > 65536) {
beiscsi_log(phba, KERN_ERR, BEISCSI_LOG_INIT,
"BG_%d: invalid ICD count %d\n", icd_count);
goto fail_init;
}
Reported by Cppcheck.
Line: 1305
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
beiscsi_log(phba, KERN_INFO, BEISCSI_LOG_INIT,
"BM_%d : phba->fw_config.iscsi_features = %d\n",
phba->fw_config.iscsi_features);
memcpy(phba->fw_ver_str, resp->params.hba_attribs.
firmware_version_string, BEISCSI_VER_STRLEN);
} else
beiscsi_log(phba, KERN_ERR, BEISCSI_LOG_INIT,
"BG_%d : Failed in beiscsi_check_supported_fw\n");
mutex_unlock(&ctrl->mbox_lock);
Reported by FlawFinder.
drivers/scsi/bfa/bfa_core.c
2 issues
Line: 1711
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
*nwwns = cfgrsp->bootwwns.nwwns;
memcpy(wwns, cfgrsp->bootwwns.wwn, sizeof(cfgrsp->bootwwns.wwn));
}
int
bfa_iocfc_get_pbc_vports(struct bfa_s *bfa, struct bfi_pbc_vport_s *pbc_vport)
{
Reported by FlawFinder.
Line: 1720
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
struct bfa_iocfc_s *iocfc = &bfa->iocfc;
struct bfi_iocfc_cfgrsp_s *cfgrsp = iocfc->cfgrsp;
memcpy(pbc_vport, cfgrsp->pbc_cfg.vport, sizeof(cfgrsp->pbc_cfg.vport));
return cfgrsp->pbc_cfg.nvports;
}
/*
Reported by FlawFinder.
drivers/scsi/bfa/bfa_cs.h
2 issues
Line: 296
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
} w;
w.wwn = wwn;
sprintf(wwn_str, "%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x", w.byte[0],
w.byte[1], w.byte[2], w.byte[3], w.byte[4], w.byte[5],
w.byte[6], w.byte[7]);
}
static inline void
Reported by FlawFinder.
Line: 310
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
} f;
f.fcid = fcid;
sprintf(fcid_str, "%02x:%02x:%02x", f.byte[1], f.byte[2], f.byte[3]);
}
#define bfa_swap_3b(_x) \
((((_x) & 0xff) << 16) | \
((_x) & 0x00ff00) | \
Reported by FlawFinder.
drivers/scsi/bfa/bfa_defs_fcs.h
2 issues
Line: 68
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
*/
#define BFA_SYMNAME_MAXLEN 128 /* 128 bytes */
struct bfa_lport_symname_s {
char symname[BFA_SYMNAME_MAXLEN];
};
/*
* Roles of FCS port:
* - FCP IM and FCP TM roles cannot be enabled together for a FCS port
Reported by FlawFinder.
Line: 346
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
*/
#define BFA_RPORT_SYMNAME_MAXLEN 255
struct bfa_rport_symname_s {
char symname[BFA_RPORT_SYMNAME_MAXLEN];
};
/*
* FCS remote port statistics
*/
Reported by FlawFinder.
drivers/scsi/bfa/bfa_defs_svc.h
2 issues
Line: 1015
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
* Port FCP mappings.
*/
struct bfa_port_fcpmap_s {
char osdevname[256];
u32 bus;
u32 target;
u32 oslun;
u32 fcid;
wwn_t nwwn;
Reported by FlawFinder.
Line: 1023
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
wwn_t nwwn;
wwn_t pwwn;
u64 fcplun;
char luid[256];
};
/*
* Port RNID info.
*/
Reported by FlawFinder.
drivers/scsi/bfa/bfa_fc.h
2 issues
Line: 1405
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
u32 port_id:24; /* Port Identifier */
wwn_t port_name; /* Port Name */
u8 spn_len; /* Length of Symbolic Port Name */
char spn[255]; /* Symbolic Port Name */
wwn_t node_name; /* Node Name */
u8 snn_len; /* Length of Symbolic Node Name */
char snn[255]; /* Symbolic Node Name */
u8 ipa[8]; /* Initial Process Associator */
u8 ip[16]; /* IP Address */
Reported by FlawFinder.
Line: 1408
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
char spn[255]; /* Symbolic Port Name */
wwn_t node_name; /* Node Name */
u8 snn_len; /* Length of Symbolic Node Name */
char snn[255]; /* Symbolic Node Name */
u8 ipa[8]; /* Initial Process Associator */
u8 ip[16]; /* IP Address */
u32 cos; /* Class of Service */
u32 fc4types[8]; /* FC-4 TYPEs */
wwn_t fabric_port_name; /* Fabric Port Name */
Reported by FlawFinder.