The following issues were found
drivers/platform/x86/dell/dcdbas.h
1 issue
Line: 100
Column: 2
CWE codes:
119
120
Suggestion:
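Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. The only fixed-size character array in this excerpt is smm_comm_buff_anchor[4], so the finding most likely refers to that declaration; a declaration cannot overflow by itself, and the risk lies in the code that writes to the array, which is not shown here.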
int dcdbas_smi_request(struct smi_cmd *smi_cmd);
struct smm_eps_table {
char smm_comm_buff_anchor[4];
u8 length;
u8 checksum;
u8 version;
u64 smm_comm_buff_addr;
u64 num_of_4k_pages;
Reported by FlawFinder.
drivers/s390/crypto/zcrypt_ccamisc.h
1 issue
Line: 260
Column: 2
CWE codes:
119
120
Suggestion:
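Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. The only fixed-size character array in this excerpt is serial[9] (8 ASCII digits plus the terminating 0x00), so the finding most likely refers to that declaration; what needs checking is that every writer limits itself to sizeof(serial) and keeps the terminator, and that code is not shown here.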
u64 new_apka_mkvp; /* truncated sha256 of new apka master key */
u64 cur_apka_mkvp; /* truncated sha256 of current apka mk */
u64 old_apka_mkvp; /* truncated sha256 of old apka mk */
char serial[9]; /* serial number (8 ascii numbers + 0x00) */
};
/*
* Fetch CCA information about a CCA queue.
*/
Reported by FlawFinder.
drivers/platform/x86/adv_swbutton.c
1 issue
Line: 21
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/*
 * Groups an input device pointer with a fixed-size character buffer.
 */
struct adv_swbutton {
struct input_dev *input;
/*
 * 32-byte buffer and the only fixed-size char array in this struct, so
 * presumably the declaration the FlawFinder finding refers to. The
 * declaration alone cannot overflow; the risk is a writer that stores more
 * than sizeof(phys) bytes. NOTE(review): the code that fills phys is not in
 * this excerpt - confirm it uses a length-limited call bounded by
 * sizeof(phys) and leaves the result NUL-terminated.
 */
char phys[32];
};
/*-------------------------------------------------------------------------
* Driver Interface
*--------------------------------------------------------------------------
Reported by FlawFinder.
drivers/net/wireless/ralink/rt2x00/rt2500usb.c
1 issue
Line: 1233
Column: 2
CWE codes:
120
Suggestion:
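Make sure destination can always hold the source data. The copy length here is skbdesc->desc_len, so the points to confirm are that the buffer behind skbdesc->desc is at least that large and that rxd refers to at least desc_len readable bytes; neither is established by the lines shown in this excerpt.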
* Copy descriptor to the skbdesc->desc buffer, making it safe from moving of
* frame data in rt2x00usb.
*/
memcpy(skbdesc->desc, rxd, skbdesc->desc_len);
rxd = (__le32 *)skbdesc->desc;
/*
* It is now safe to read the descriptor on all architectures.
*/
Reported by FlawFinder.
drivers/platform/surface/surface3_button.c
1 issue
Line: 192
Column: 7
CWE codes:
126
if (strncmp(acpi_device_bid(ACPI_COMPANION(&client->dev)),
SURFACE_BUTTON_OBJ_NAME,
strlen(SURFACE_BUTTON_OBJ_NAME)))
return -ENODEV;
error = gpiod_count(dev, NULL);
if (error < 0) {
dev_dbg(dev, "no GPIO attached, ignoring...\n");
Reported by FlawFinder.
drivers/s390/crypto/zcrypt_ep11misc.h
1 issue
Line: 90
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/*
 * Card information record; the meaning of each field is given by its own
 * trailing comment.
 */
struct ep11_card_info {
u32 API_ord_nr; /* API ordinal number */
u16 FW_version; /* Firmware major and minor version */
/*
 * Exactly 16 ASCII characters with NO terminating 0x00 (see the field
 * comment). Handle it as a fixed-length byte field: copy with an explicit
 * length of sizeof(serial) and print with a bounded format such as "%.16s".
 * strlen(), strcpy() or an unbounded "%s" on this field would read past the
 * end of the array.
 */
char serial[16]; /* serial number string (16 ascii, no 0x00 !) */
u64 op_mode; /* card operational mode(s) */
};
/* EP11 domain info struct */
struct ep11_domain_info {
Reported by FlawFinder.
drivers/net/wireless/quantenna/qtnfmac/qlink_util.c
1 issue
Line: 184
Column: 2
CWE codes:
120
Suggestion:
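Make sure destination can always hold the source data. The byte count here is acl->n_acl_entries * sizeof(*qacl->mac_addrs), so the points to confirm are that qacl was sized for at least n_acl_entries entries and that n_acl_entries is bounded before the multiplication; the allocation and any such check lie outside this excerpt.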
}
qacl->num_entries = cpu_to_le32(acl->n_acl_entries);
memcpy(qacl->mac_addrs, acl->mac_addrs,
acl->n_acl_entries * sizeof(*qacl->mac_addrs));
}
enum qlink_band qlink_utils_band_cfg2q(enum nl80211_band band)
{
Reported by FlawFinder.
drivers/platform/surface/aggregator/ssh_msgb.h
1 issue
Line: 97
Column: 14
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
*/
static inline void msgb_push_buf(struct msgbuf *msgb, const u8 *buf, size_t len)
{
/*
 * Copy len bytes from buf to the current write position and store the
 * position advanced by len: memcpy() returns its destination, and adding
 * len to that void pointer is GNU C byte arithmetic.
 *
 * No capacity check is made in this function, so an oversized len writes
 * past the end of the message buffer. NOTE(review): the callers and the
 * layout of struct msgbuf are not visible in this excerpt - confirm that
 * every call site has already verified that len bytes of space remain.
 */
msgb->ptr = memcpy(msgb->ptr, buf, len) + len;
}
/**
* msgb_push_crc() - Compute CRC and push it to the buffer.
* @msgb: The message buffer.
Reported by FlawFinder.
drivers/platform/goldfish/goldfish_pipe.c
1 issue
Line: 667
Column: 3
CWE codes:
120
Suggestion:
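Make sure destination can always hold the source data. In this excerpt the destination has just been allocated with new_capacity elements and the copy moves dev->pipes_capacity elements, so the copy stays in bounds only if new_capacity >= dev->pipes_capacity; how new_capacity is computed lies outside the excerpt and is the thing to verify.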
kcalloc(new_capacity, sizeof(*pipes), GFP_ATOMIC);
if (!pipes)
return -ENOMEM;
memcpy(pipes, dev->pipes, sizeof(*pipes) * dev->pipes_capacity);
kfree(dev->pipes);
dev->pipes = pipes;
id = dev->pipes_capacity;
dev->pipes_capacity = new_capacity;
}
Reported by FlawFinder.
drivers/platform/chrome/wilco_ec/mailbox.c
1 issue
Line: 177
Column: 2
CWE codes:
120
Suggestion:
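Make sure destination can always hold the source data. The copy is preceded by a path that returns -EMSGSIZE, which suggests a size check, but its condition is outside this excerpt; confirm that it bounds msg->response_size against both the capacity of msg->response_data and the number of bytes actually available in rs->data.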
return -EMSGSIZE;
}
memcpy(msg->response_data, rs->data, msg->response_size);
return rs->data_size;
}
/**
Reported by FlawFinder.