The following issues were found
block/sed-opal.c
15 issues
Line: 640
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
start = add_bytestring_header(err, cmd, len);
if (!start)
return;
memcpy(start, bytestring, len);
cmd->pos += len;
}
static int build_locking_range(u8 *buffer, size_t length, u8 lr)
{
Reported by FlawFinder.
Line: 651
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return -ERANGE;
}
memcpy(buffer, opaluid[OPAL_LOCKINGRANGE_GLOBAL], OPAL_UID_LENGTH);
if (lr == 0)
return 0;
buffer[5] = LOCKING_RANGE_NON_GLOBAL;
Reported by FlawFinder.
Line: 669
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return -ERANGE;
}
memcpy(buffer, opaluid[OPAL_USER1_UID], OPAL_UID_LENGTH);
buffer[7] = lr + 1;
return 0;
}
Reported by FlawFinder.
Line: 1156
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
* so we have to get the first half of the OPAL_TABLE_TABLE and use the
* first part of the target table as relative index into that table
*/
memcpy(uid, opaluid[OPAL_TABLE_TABLE], half);
memcpy(uid + half, table_uid, half);
return generic_get_column(dev, uid, column);
}
Reported by FlawFinder.
Line: 1157
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
* first part of the target table as relative index into that table
*/
memcpy(uid, opaluid[OPAL_TABLE_TABLE], half);
memcpy(uid + half, table_uid, half);
return generic_get_column(dev, uid, column);
}
static int gen_key(struct opal_dev *dev, void *data)
Reported by FlawFinder.
Line: 1512
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
err = build_locking_user(lk_ul_user, sizeof(lk_ul_user),
session->who - 1);
else
memcpy(lk_ul_user, opaluid[OPAL_ADMIN1_UID], OPAL_UID_LENGTH);
if (err)
return err;
err = cmd_start(dev, opaluid[OPAL_SMUID_UID],
Reported by FlawFinder.
Line: 1561
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
u8 uid[OPAL_UID_LENGTH];
int err;
memcpy(uid, opaluid[OPAL_USER1_UID], OPAL_UID_LENGTH);
uid[7] = session->who;
err = cmd_start(dev, uid, opalmethod[OPAL_SET]);
add_token_u8(&err, dev, OPAL_STARTNAME);
add_token_u8(&err, dev, OPAL_VALUES);
Reported by FlawFinder.
Line: 1687
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
u8 cpin_uid[OPAL_UID_LENGTH];
struct opal_session_info *usr = data;
memcpy(cpin_uid, opaluid[OPAL_C_PIN_ADMIN1], OPAL_UID_LENGTH);
if (usr->who != OPAL_ADMIN1) {
cpin_uid[5] = 0x03;
if (usr->sum)
cpin_uid[7] = usr->opal_key.lr + 1;
Reported by FlawFinder.
Line: 1711
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
u8 cpin_uid[OPAL_UID_LENGTH];
struct opal_key *key = data;
memcpy(cpin_uid, opaluid[OPAL_C_PIN_SID], OPAL_UID_LENGTH);
if (generic_pw_cmd(key->key, key->key_len, cpin_uid, dev)) {
pr_debug("Error building Set SID cpin\n");
return -ERANGE;
}
Reported by FlawFinder.
Line: 1727
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
struct opal_lock_unlock *lkul = data;
int err;
memcpy(lr_buffer, opaluid[OPAL_LOCKINGRANGE_ACE_RDLOCKED],
OPAL_UID_LENGTH);
if (lkul->l_state == OPAL_RW)
memcpy(lr_buffer, opaluid[OPAL_LOCKINGRANGE_ACE_WRLOCKED],
OPAL_UID_LENGTH);
Reported by FlawFinder.
tools/perf/util/map.c
15 issues
Line: 47
Column: 12
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
if (libname)
lib_length = strlen(libname);
app_abi = getenv("APP_ABI");
if (!app_abi)
return false;
app_abi_length = strlen(app_abi);
Reported by FlawFinder.
Line: 61
Column: 14
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
new_length = 7 + app_abi_length + lib_length;
apk_path = getenv("APK_PATH");
if (apk_path) {
new_length += strlen(apk_path) + 1;
if (new_length > PATH_MAX)
return false;
snprintf(newfilename, new_length,
Reported by FlawFinder.
Line: 82
Column: 9
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
const char *arch;
int ndk_length, app_length;
ndk = getenv("NDK_ROOT");
app = getenv("APP_PLATFORM");
if (!(ndk && app))
return false;
Reported by FlawFinder.
Line: 83
Column: 9
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
int ndk_length, app_length;
ndk = getenv("NDK_ROOT");
app = getenv("APP_PLATFORM");
if (!(ndk && app))
return false;
ndk_length = strlen(ndk);
Reported by FlawFinder.
Line: 140
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct nsinfo *nnsi;
if (map != NULL) {
char newfilename[PATH_MAX];
struct dso *dso;
int anon, no_dso, vdso, android;
android = is_android_lib(filename);
anon = is_anon_memory(filename) || flags & MAP_HUGETLB;
Reported by FlawFinder.
Line: 335
Column: 4
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
nr = dso__load(map->dso, map);
if (nr < 0) {
if (map->dso->has_build_id) {
char sbuild_id[SBUILD_ID_SIZE];
build_id__sprintf(&map->dso->bid, sbuild_id);
pr_debug("%s with build id %s not found", name, sbuild_id);
} else
pr_debug("Failed to open %s", name);
Reported by FlawFinder.
Line: 409
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
size_t map__fprintf_dsoname(struct map *map, FILE *fp)
{
char buf[symbol_conf.pad_output_len_dso + 1];
const char *dsoname = "[unknown]";
if (map && map->dso) {
if (symbol_conf.show_kernel_path && map->dso->long_name)
dsoname = map->dso->long_name;
Reported by FlawFinder.
Line: 45
Column: 16
CWE codes:
126
libname = strrchr(filename, '/');
if (libname)
lib_length = strlen(libname);
app_abi = getenv("APP_ABI");
if (!app_abi)
return false;
Reported by FlawFinder.
Line: 51
Column: 19
CWE codes:
126
if (!app_abi)
return false;
app_abi_length = strlen(app_abi);
if (strstarts(filename, "/data/app-lib/")) {
char *apk_path;
if (!app_abi_length)
Reported by FlawFinder.
Line: 63
Column: 18
CWE codes:
126
apk_path = getenv("APK_PATH");
if (apk_path) {
new_length += strlen(apk_path) + 1;
if (new_length > PATH_MAX)
return false;
snprintf(newfilename, new_length,
"%s/libs/%s/%s", apk_path, app_abi, libname);
} else {
Reported by FlawFinder.
fs/ocfs2/dlm/dlmdomain.c
15 issues
Line: 1060
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
qr->qr_node = dlm->node_num;
qr->qr_namelen = strlen(dlm->name);
memcpy(qr->qr_domain, dlm->name, qr->qr_namelen);
/* if local hb, the numregions will be zero */
if (o2hb_global_heartbeat_active())
qr->qr_numregions = o2hb_get_all_regions(qr->qr_regions,
O2NM_MAX_REGIONS);
Reported by FlawFinder.
Line: 1246
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
qn->qn_nodenum = dlm->node_num;
qn->qn_numnodes = count;
qn->qn_namelen = strlen(dlm->name);
memcpy(qn->qn_domain, dlm->name, qn->qn_namelen);
i = -1;
while ((i = find_next_bit(node_map, O2NM_MAX_NODES,
i + 1)) < O2NM_MAX_NODES) {
if (i == dlm->node_num)
Reported by FlawFinder.
Line: 1359
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
memset(&cancel_msg, 0, sizeof(cancel_msg));
cancel_msg.node_idx = dlm->node_num;
cancel_msg.name_len = strlen(dlm->name);
memcpy(cancel_msg.domain, dlm->name, cancel_msg.name_len);
status = o2net_send_message(DLM_CANCEL_JOIN_MSG, DLM_MOD_KEY,
&cancel_msg, sizeof(cancel_msg), node,
NULL);
if (status < 0) {
Reported by FlawFinder.
Line: 1426
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
memset(&join_msg, 0, sizeof(join_msg));
join_msg.node_idx = dlm->node_num;
join_msg.name_len = strlen(dlm->name);
memcpy(join_msg.domain, dlm->name, join_msg.name_len);
join_msg.dlm_proto = dlm->dlm_locking_proto;
join_msg.fs_proto = dlm->fs_locking_proto;
/* copy live node map to join message */
byte_copymap(join_msg.node_map, dlm->live_nodes_map, O2NM_MAX_NODES);
Reported by FlawFinder.
Line: 1511
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
memset(&assert_msg, 0, sizeof(assert_msg));
assert_msg.node_idx = dlm->node_num;
assert_msg.name_len = strlen(dlm->name);
memcpy(assert_msg.domain, dlm->name, assert_msg.name_len);
status = o2net_send_message(DLM_ASSERT_JOINED_MSG, DLM_MOD_KEY,
&assert_msg, sizeof(assert_msg), node,
&ret);
if (status < 0)
Reported by FlawFinder.
Line: 1646
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
* yes_resp_map. Copy that into our domain map and send a join
* assert message to clean up everyone elses state. */
spin_lock(&dlm->spinlock);
memcpy(dlm->domain_map, ctxt->yes_resp_map,
sizeof(ctxt->yes_resp_map));
set_bit(dlm->node_num, dlm->domain_map);
spin_unlock(&dlm->spinlock);
/* Support for global heartbeat and node info was added in 1.1 */
Reported by FlawFinder.
Line: 1857
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int status;
unsigned int backoff;
unsigned int total_backoff = 0;
char wq_name[O2NM_MAX_NAME_LEN];
BUG_ON(!dlm);
mlog(0, "Join domain %s\n", dlm->name);
Reported by FlawFinder.
Line: 253
Column: 7
CWE codes:
126
/* tmp->name here is always NULL terminated,
* but domain may not be! */
list_for_each_entry(tmp, &dlm_domains, list) {
if (strlen(tmp->name) == len &&
memcmp(tmp->name, domain, len)==0)
return tmp;
}
return NULL;
Reported by FlawFinder.
Line: 266
Column: 42
CWE codes:
126
{
assert_spin_locked(&dlm_domain_lock);
return __dlm_lookup_domain_full(domain, strlen(domain));
}
/* returns true on one of two conditions:
* 1) the domain does not exist
Reported by FlawFinder.
Line: 1059
Column: 19
CWE codes:
126
}
qr->qr_node = dlm->node_num;
qr->qr_namelen = strlen(dlm->name);
memcpy(qr->qr_domain, dlm->name, qr->qr_namelen);
/* if local hb, the numregions will be zero */
if (o2hb_global_heartbeat_active())
qr->qr_numregions = o2hb_get_all_regions(qr->qr_regions,
O2NM_MAX_REGIONS);
Reported by FlawFinder.
drivers/media/usb/go7007/go7007-fw.c
15 issues
Line: 329
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
buf[p++] = 418 >> 8;
buf[p++] = 418 & 0xff;
buf[p++] = 0x00;
memcpy(buf + p, bits_dc_luminance + 1, 16);
p += 16;
memcpy(buf + p, val_dc_luminance, sizeof(val_dc_luminance));
p += sizeof(val_dc_luminance);
buf[p++] = 0x01;
memcpy(buf + p, bits_dc_chrominance + 1, 16);
Reported by FlawFinder.
Line: 331
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
buf[p++] = 0x00;
memcpy(buf + p, bits_dc_luminance + 1, 16);
p += 16;
memcpy(buf + p, val_dc_luminance, sizeof(val_dc_luminance));
p += sizeof(val_dc_luminance);
buf[p++] = 0x01;
memcpy(buf + p, bits_dc_chrominance + 1, 16);
p += 16;
memcpy(buf + p, val_dc_chrominance, sizeof(val_dc_chrominance));
Reported by FlawFinder.
Line: 334
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
memcpy(buf + p, val_dc_luminance, sizeof(val_dc_luminance));
p += sizeof(val_dc_luminance);
buf[p++] = 0x01;
memcpy(buf + p, bits_dc_chrominance + 1, 16);
p += 16;
memcpy(buf + p, val_dc_chrominance, sizeof(val_dc_chrominance));
p += sizeof(val_dc_chrominance);
buf[p++] = 0x10;
memcpy(buf + p, bits_ac_luminance + 1, 16);
Reported by FlawFinder.
Line: 336
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
buf[p++] = 0x01;
memcpy(buf + p, bits_dc_chrominance + 1, 16);
p += 16;
memcpy(buf + p, val_dc_chrominance, sizeof(val_dc_chrominance));
p += sizeof(val_dc_chrominance);
buf[p++] = 0x10;
memcpy(buf + p, bits_ac_luminance + 1, 16);
p += 16;
memcpy(buf + p, val_ac_luminance, sizeof(val_ac_luminance));
Reported by FlawFinder.
Line: 339
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
memcpy(buf + p, val_dc_chrominance, sizeof(val_dc_chrominance));
p += sizeof(val_dc_chrominance);
buf[p++] = 0x10;
memcpy(buf + p, bits_ac_luminance + 1, 16);
p += 16;
memcpy(buf + p, val_ac_luminance, sizeof(val_ac_luminance));
p += sizeof(val_ac_luminance);
buf[p++] = 0x11;
memcpy(buf + p, bits_ac_chrominance + 1, 16);
Reported by FlawFinder.
Line: 341
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
buf[p++] = 0x10;
memcpy(buf + p, bits_ac_luminance + 1, 16);
p += 16;
memcpy(buf + p, val_ac_luminance, sizeof(val_ac_luminance));
p += sizeof(val_ac_luminance);
buf[p++] = 0x11;
memcpy(buf + p, bits_ac_chrominance + 1, 16);
p += 16;
memcpy(buf + p, val_ac_chrominance, sizeof(val_ac_chrominance));
Reported by FlawFinder.
Line: 344
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
memcpy(buf + p, val_ac_luminance, sizeof(val_ac_luminance));
p += sizeof(val_ac_luminance);
buf[p++] = 0x11;
memcpy(buf + p, bits_ac_chrominance + 1, 16);
p += 16;
memcpy(buf + p, val_ac_chrominance, sizeof(val_ac_chrominance));
p += sizeof(val_ac_chrominance);
buf[p++] = 0xff;
buf[p++] = 0xda;
Reported by FlawFinder.
Line: 346
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
buf[p++] = 0x11;
memcpy(buf + p, bits_ac_chrominance + 1, 16);
p += 16;
memcpy(buf + p, val_ac_chrominance, sizeof(val_ac_chrominance));
p += sizeof(val_ac_chrominance);
buf[p++] = 0xff;
buf[p++] = 0xda;
buf[p++] = 0;
buf[p++] = 12;
Reported by FlawFinder.
Line: 408
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
mem += 28;
}
memcpy(&code[off + 2], buf + i, chunk * 2);
off += 32;
}
done:
kfree(buf);
return off;
Reported by FlawFinder.
Line: 700
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
mem += 28;
}
memcpy(&code[off + 2], buf + i, chunk * 2);
off += 32;
}
done:
kfree(buf);
return off;
Reported by FlawFinder.
drivers/scsi/zorro_esp.c
15 issues
Line: 61
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct blz1230_dma_registers {
unsigned char dma_addr; /* DMA address [0x0000] */
unsigned char dmapad2[0x7fff];
unsigned char dma_latch; /* DMA latch [0x8000] */
};
/* Blizzard 1230II DMA interface */
Reported by FlawFinder.
Line: 69
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct blz1230II_dma_registers {
unsigned char dma_addr; /* DMA address [0x0000] */
unsigned char dmapad2[0xf];
unsigned char dma_latch; /* DMA latch [0x0010] */
};
/* Blizzard 2060 DMA interface */
Reported by FlawFinder.
Line: 77
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct blz2060_dma_registers {
unsigned char dma_led_ctrl; /* DMA led control [0x000] */
unsigned char dmapad1[0x0f];
unsigned char dma_addr0; /* DMA address (MSB) [0x010] */
unsigned char dmapad2[0x03];
unsigned char dma_addr1; /* DMA address [0x014] */
unsigned char dmapad3[0x03];
unsigned char dma_addr2; /* DMA address [0x018] */
Reported by FlawFinder.
Line: 79
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned char dma_led_ctrl; /* DMA led control [0x000] */
unsigned char dmapad1[0x0f];
unsigned char dma_addr0; /* DMA address (MSB) [0x010] */
unsigned char dmapad2[0x03];
unsigned char dma_addr1; /* DMA address [0x014] */
unsigned char dmapad3[0x03];
unsigned char dma_addr2; /* DMA address [0x018] */
unsigned char dmapad4[0x03];
unsigned char dma_addr3; /* DMA address (LSB) [0x01c] */
Reported by FlawFinder.
Line: 81
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned char dma_addr0; /* DMA address (MSB) [0x010] */
unsigned char dmapad2[0x03];
unsigned char dma_addr1; /* DMA address [0x014] */
unsigned char dmapad3[0x03];
unsigned char dma_addr2; /* DMA address [0x018] */
unsigned char dmapad4[0x03];
unsigned char dma_addr3; /* DMA address (LSB) [0x01c] */
};
Reported by FlawFinder.
Line: 83
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned char dma_addr1; /* DMA address [0x014] */
unsigned char dmapad3[0x03];
unsigned char dma_addr2; /* DMA address [0x018] */
unsigned char dmapad4[0x03];
unsigned char dma_addr3; /* DMA address (LSB) [0x01c] */
};
/* DMA control bits */
#define DMA_WRITE 0x80000000
Reported by FlawFinder.
Line: 94
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct cyber_dma_registers {
unsigned char dma_addr0; /* DMA address (MSB) [0x000] */
unsigned char dmapad1[1];
unsigned char dma_addr1; /* DMA address [0x002] */
unsigned char dmapad2[1];
unsigned char dma_addr2; /* DMA address [0x004] */
unsigned char dmapad3[1];
unsigned char dma_addr3; /* DMA address (LSB) [0x006] */
Reported by FlawFinder.
Line: 96
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned char dma_addr0; /* DMA address (MSB) [0x000] */
unsigned char dmapad1[1];
unsigned char dma_addr1; /* DMA address [0x002] */
unsigned char dmapad2[1];
unsigned char dma_addr2; /* DMA address [0x004] */
unsigned char dmapad3[1];
unsigned char dma_addr3; /* DMA address (LSB) [0x006] */
unsigned char dmapad4[0x3fb];
unsigned char cond_reg; /* DMA cond (ro) [0x402] */
Reported by FlawFinder.
Line: 98
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned char dma_addr1; /* DMA address [0x002] */
unsigned char dmapad2[1];
unsigned char dma_addr2; /* DMA address [0x004] */
unsigned char dmapad3[1];
unsigned char dma_addr3; /* DMA address (LSB) [0x006] */
unsigned char dmapad4[0x3fb];
unsigned char cond_reg; /* DMA cond (ro) [0x402] */
#define ctrl_reg cond_reg /* DMA control (wo) [0x402] */
};
Reported by FlawFinder.
Line: 100
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned char dma_addr2; /* DMA address [0x004] */
unsigned char dmapad3[1];
unsigned char dma_addr3; /* DMA address (LSB) [0x006] */
unsigned char dmapad4[0x3fb];
unsigned char cond_reg; /* DMA cond (ro) [0x402] */
#define ctrl_reg cond_reg /* DMA control (wo) [0x402] */
};
/* DMA control bits */
Reported by FlawFinder.
drivers/crypto/atmel-sha.c
15 issues
Line: 259
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#ifdef VERBOSE_DEBUG
if (dd->flags & SHA_FLAGS_DUMP_REG) {
char tmp[16];
dev_vdbg(dd->dev, "read 0x%08x from %s\n", value,
atmel_sha_reg_name(offset, tmp, sizeof(tmp), false));
}
#endif /* VERBOSE_DEBUG */
Reported by FlawFinder.
Line: 274
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
#ifdef VERBOSE_DEBUG
if (dd->flags & SHA_FLAGS_DUMP_REG) {
char tmp[16];
dev_vdbg(dd->dev, "write 0x%08x into %s\n", value,
atmel_sha_reg_name(offset, tmp, sizeof(tmp), true));
}
#endif /* VERBOSE_DEBUG */
Reported by FlawFinder.
Line: 388
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
padlen = (index < 112) ? (112 - index) : ((128+112) - index);
*(ctx->buffer + ctx->bufcnt) = 0x80;
memset(ctx->buffer + ctx->bufcnt + 1, 0, padlen-1);
memcpy(ctx->buffer + ctx->bufcnt + padlen, bits, 16);
ctx->bufcnt += padlen + 16;
ctx->flags |= SHA_FLAGS_PAD;
break;
default:
Reported by FlawFinder.
Line: 398
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
padlen = (index < 56) ? (56 - index) : ((64+56) - index);
*(ctx->buffer + ctx->bufcnt) = 0x80;
memset(ctx->buffer + ctx->bufcnt + 1, 0, padlen-1);
memcpy(ctx->buffer + ctx->bufcnt + padlen, &bits[1], 8);
ctx->bufcnt += padlen + 8;
ctx->flags |= SHA_FLAGS_PAD;
break;
}
}
Reported by FlawFinder.
Line: 963
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
switch (ctx->flags & SHA_FLAGS_ALGO_MASK) {
default:
case SHA_FLAGS_SHA1:
memcpy(req->result, ctx->digest, SHA1_DIGEST_SIZE);
break;
case SHA_FLAGS_SHA224:
memcpy(req->result, ctx->digest, SHA224_DIGEST_SIZE);
break;
Reported by FlawFinder.
Line: 967
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
break;
case SHA_FLAGS_SHA224:
memcpy(req->result, ctx->digest, SHA224_DIGEST_SIZE);
break;
case SHA_FLAGS_SHA256:
memcpy(req->result, ctx->digest, SHA256_DIGEST_SIZE);
break;
Reported by FlawFinder.
Line: 971
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
break;
case SHA_FLAGS_SHA256:
memcpy(req->result, ctx->digest, SHA256_DIGEST_SIZE);
break;
case SHA_FLAGS_SHA384:
memcpy(req->result, ctx->digest, SHA384_DIGEST_SIZE);
break;
Reported by FlawFinder.
Line: 975
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
break;
case SHA_FLAGS_SHA384:
memcpy(req->result, ctx->digest, SHA384_DIGEST_SIZE);
break;
case SHA_FLAGS_SHA512:
memcpy(req->result, ctx->digest, SHA512_DIGEST_SIZE);
break;
Reported by FlawFinder.
Line: 979
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
break;
case SHA_FLAGS_SHA512:
memcpy(req->result, ctx->digest, SHA512_DIGEST_SIZE);
break;
}
}
static int atmel_sha_finish(struct ahash_request *req)
Reported by FlawFinder.
Line: 1231
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
{
const struct atmel_sha_reqctx *ctx = ahash_request_ctx(req);
memcpy(out, ctx, sizeof(*ctx));
return 0;
}
static int atmel_sha_import(struct ahash_request *req, const void *in)
{
Reported by FlawFinder.
drivers/net/ethernet/marvell/octeontx2/af/rvu.c
15 issues
Line: 839
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
block->lfcfg_reg = NIX_PRIV_LFX_CFG;
block->msixcfg_reg = NIX_PRIV_LFX_INT_CFG;
block->lfreset_reg = NIX_AF_LF_RST;
sprintf(block->name, "NIX%d", blkid);
rvu->nix_blkaddr[blkid] = blkaddr;
return rvu_alloc_bitmap(&block->lf);
}
static int rvu_setup_cpt_hw_resource(struct rvu *rvu, int blkaddr)
Reported by FlawFinder.
Line: 868
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
block->lfcfg_reg = CPT_PRIV_LFX_CFG;
block->msixcfg_reg = CPT_PRIV_LFX_INT_CFG;
block->lfreset_reg = CPT_AF_LF_RST;
sprintf(block->name, "CPT%d", blkid);
return rvu_alloc_bitmap(&block->lf);
}
static void rvu_get_lbk_bufsize(struct rvu *rvu)
{
Reported by FlawFinder.
Line: 925
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
block->lfcfg_reg = NPA_PRIV_LFX_CFG;
block->msixcfg_reg = NPA_PRIV_LFX_INT_CFG;
block->lfreset_reg = NPA_AF_LF_RST;
sprintf(block->name, "NPA");
err = rvu_alloc_bitmap(&block->lf);
if (err)
return err;
nix:
Reported by FlawFinder.
Line: 954
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
block->lfcfg_reg = SSO_PRIV_LFX_HWGRP_CFG;
block->msixcfg_reg = SSO_PRIV_LFX_HWGRP_INT_CFG;
block->lfreset_reg = SSO_AF_LF_HWGRP_RST;
sprintf(block->name, "SSO GROUP");
err = rvu_alloc_bitmap(&block->lf);
if (err)
return err;
ssow:
Reported by FlawFinder.
Line: 975
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
block->lfcfg_reg = SSOW_PRIV_LFX_HWS_CFG;
block->msixcfg_reg = SSOW_PRIV_LFX_HWS_INT_CFG;
block->lfreset_reg = SSOW_AF_LF_HWS_RST;
sprintf(block->name, "SSOWS");
err = rvu_alloc_bitmap(&block->lf);
if (err)
return err;
tim:
Reported by FlawFinder.
Line: 997
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
block->lfcfg_reg = TIM_PRIV_LFX_CFG;
block->msixcfg_reg = TIM_PRIV_LFX_INT_CFG;
block->lfreset_reg = TIM_AF_LF_RST;
sprintf(block->name, "TIM");
err = rvu_alloc_bitmap(&block->lf);
if (err)
return err;
cpt:
Reported by FlawFinder.
Line: 2575
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
}
/* Register mailbox interrupt handler */
sprintf(&rvu->irq_name[RVU_AF_INT_VEC_MBOX * NAME_SIZE], "RVUAF Mbox");
ret = request_irq(pci_irq_vector(rvu->pdev, RVU_AF_INT_VEC_MBOX),
rvu_mbox_intr_handler, 0,
&rvu->irq_name[RVU_AF_INT_VEC_MBOX * NAME_SIZE], rvu);
if (ret) {
dev_err(rvu->dev,
Reported by FlawFinder.
Line: 2591
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
rvu_enable_mbox_intr(rvu);
/* Register FLR interrupt handler */
sprintf(&rvu->irq_name[RVU_AF_INT_VEC_PFFLR * NAME_SIZE],
"RVUAF FLR");
ret = request_irq(pci_irq_vector(rvu->pdev, RVU_AF_INT_VEC_PFFLR),
rvu_flr_intr_handler, 0,
&rvu->irq_name[RVU_AF_INT_VEC_PFFLR * NAME_SIZE],
rvu);
Reported by FlawFinder.
Line: 2612
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
INTR_MASK(rvu->hw->total_pfs) & ~1ULL);
/* Register ME interrupt handler */
sprintf(&rvu->irq_name[RVU_AF_INT_VEC_PFME * NAME_SIZE],
"RVUAF ME");
ret = request_irq(pci_irq_vector(rvu->pdev, RVU_AF_INT_VEC_PFME),
rvu_me_pf_intr_handler, 0,
&rvu->irq_name[RVU_AF_INT_VEC_PFME * NAME_SIZE],
rvu);
Reported by FlawFinder.
Line: 2643
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
/* Register MBOX0 interrupt. */
offset = pf_vec_start + RVU_PF_INT_VEC_VFPF_MBOX0;
sprintf(&rvu->irq_name[offset * NAME_SIZE], "RVUAFVF Mbox0");
ret = request_irq(pci_irq_vector(rvu->pdev, offset),
rvu_mbox_intr_handler, 0,
&rvu->irq_name[offset * NAME_SIZE],
rvu);
if (ret)
Reported by FlawFinder.
drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_erp.c
15 issues
Line: 33
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
};
struct mlxsw_sp_acl_erp_key {
char mask[MLXSW_REG_PTCEX_FLEX_KEY_BLOCKS_LEN];
#define __MASK_LEN 0x38
#define __MASK_IDX(i) (__MASK_LEN - (i) - 1)
bool ctcam;
};
Reported by FlawFinder.
Line: 185
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
struct mlxsw_sp_acl_tcam_region *region = erp_table->aregion->region;
struct mlxsw_sp *mlxsw_sp = region->mlxsw_sp;
char percr_pl[MLXSW_REG_PERCR_LEN];
char *master_mask;
mlxsw_reg_percr_pack(percr_pl, region->id);
master_mask = mlxsw_reg_percr_master_mask_data(percr_pl);
bitmap_to_arr32((u32 *) master_mask, erp_table->master_mask.bitmap,
Reported by FlawFinder.
Line: 265
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (err)
goto err_erp_id_get;
memcpy(&erp->key, key, sizeof(*key));
list_add(&erp->list, &erp_table->atcam_erps_list);
erp_table->num_atcam_erps++;
erp->erp_table = erp_table;
err = mlxsw_sp_acl_erp_master_mask_set(erp_table, &erp->key);
Reported by FlawFinder.
Line: 388
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
struct mlxsw_sp *mlxsw_sp = erp_table->erp_core->mlxsw_sp;
enum mlxsw_reg_perpt_key_size key_size;
char perpt_pl[MLXSW_REG_PERPT_LEN];
u8 erpt_bank, erpt_index;
mlxsw_sp_acl_erp_table_locate(erp_table, erp, &erpt_bank, &erpt_index);
key_size = (enum mlxsw_reg_perpt_key_size) erp_table->aregion->type;
mlxsw_reg_perpt_pack(perpt_pl, erpt_bank, erpt_index, key_size, erp->id,
Reported by FlawFinder.
Line: 404
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static void mlxsw_sp_acl_erp_table_erp_del(struct mlxsw_sp_acl_erp *erp)
{
char empty_mask[MLXSW_REG_PTCEX_FLEX_KEY_BLOCKS_LEN] = { 0 };
struct mlxsw_sp_acl_erp_table *erp_table = erp->erp_table;
struct mlxsw_sp *mlxsw_sp = erp_table->erp_core->mlxsw_sp;
enum mlxsw_reg_perpt_key_size key_size;
char perpt_pl[MLXSW_REG_PERPT_LEN];
u8 erpt_bank, erpt_index;
Reported by FlawFinder.
Line: 408
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct mlxsw_sp_acl_erp_table *erp_table = erp->erp_table;
struct mlxsw_sp *mlxsw_sp = erp_table->erp_core->mlxsw_sp;
enum mlxsw_reg_perpt_key_size key_size;
char perpt_pl[MLXSW_REG_PERPT_LEN];
u8 erpt_bank, erpt_index;
mlxsw_sp_acl_erp_table_locate(erp_table, erp, &erpt_bank, &erpt_index);
key_size = (enum mlxsw_reg_perpt_key_size) erp_table->aregion->type;
mlxsw_reg_perpt_pack(perpt_pl, erpt_bank, erpt_index, key_size, erp->id,
Reported by FlawFinder.
Line: 427
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
struct mlxsw_sp_acl_tcam_region *region = erp_table->aregion->region;
struct mlxsw_sp *mlxsw_sp = erp_table->erp_core->mlxsw_sp;
char pererp_pl[MLXSW_REG_PERERP_LEN];
mlxsw_reg_pererp_pack(pererp_pl, region->id, ctcam_le, true, 0,
erp_table->base_index, 0);
mlxsw_reg_pererp_erp_vector_pack(pererp_pl, erp_table->erp_index_bitmap,
MLXSW_SP_ACL_ERP_MAX_PER_REGION);
Reported by FlawFinder.
Line: 442
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
struct mlxsw_sp_acl_tcam_region *region = erp_table->aregion->region;
struct mlxsw_sp *mlxsw_sp = erp_table->erp_core->mlxsw_sp;
char pererp_pl[MLXSW_REG_PERERP_LEN];
struct mlxsw_sp_acl_erp *master_rp;
master_rp = mlxsw_sp_acl_erp_table_master_rp(erp_table);
/* It is possible we do not have a master RP when we disable the
* table when there are no rules in the A-TCAM and the last C-TCAM
Reported by FlawFinder.
Line: 650
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct mlxsw_sp_acl_tcam_region *region = erp_table->aregion->region;
struct mlxsw_sp *mlxsw_sp = erp_table->erp_core->mlxsw_sp;
bool ctcam_le = erp_table->num_ctcam_erps > 0;
char pererp_pl[MLXSW_REG_PERERP_LEN];
mlxsw_reg_pererp_pack(pererp_pl, region->id, ctcam_le, true, 0,
erp_table->base_index, 0);
mlxsw_reg_pererp_erp_vector_pack(pererp_pl, erp_table->erp_index_bitmap,
MLXSW_SP_ACL_ERP_MAX_PER_REGION);
Reported by FlawFinder.
Line: 667
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct mlxsw_sp_acl_tcam_region *region = erp_table->aregion->region;
struct mlxsw_sp *mlxsw_sp = erp_table->erp_core->mlxsw_sp;
bool ctcam_le = erp_table->num_ctcam_erps > 0;
char pererp_pl[MLXSW_REG_PERERP_LEN];
mlxsw_reg_pererp_pack(pererp_pl, region->id, ctcam_le, true, 0,
erp_table->base_index, 0);
mlxsw_reg_pererp_erp_vector_pack(pererp_pl, erp_table->erp_index_bitmap,
MLXSW_SP_ACL_ERP_MAX_PER_REGION);
Reported by FlawFinder.
net/core/sock.c
15 issues
Line: 231
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
x "AF_QIPCRTR", x "AF_SMC" , x "AF_XDP" , \
x "AF_MAX"
static const char *const af_family_key_strings[AF_MAX+1] = {
_sock_locks("sk_lock-")
};
static const char *const af_family_slock_key_strings[AF_MAX+1] = {
_sock_locks("slock-")
};
Reported by FlawFinder.
Line: 234
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static const char *const af_family_key_strings[AF_MAX+1] = {
_sock_locks("sk_lock-")
};
static const char *const af_family_slock_key_strings[AF_MAX+1] = {
_sock_locks("slock-")
};
static const char *const af_family_clock_key_strings[AF_MAX+1] = {
_sock_locks("clock-")
};
Reported by FlawFinder.
Line: 237
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static const char *const af_family_slock_key_strings[AF_MAX+1] = {
_sock_locks("slock-")
};
static const char *const af_family_clock_key_strings[AF_MAX+1] = {
_sock_locks("clock-")
};
static const char *const af_family_kern_key_strings[AF_MAX+1] = {
_sock_locks("k-sk_lock-")
Reported by FlawFinder.
Line: 241
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
_sock_locks("clock-")
};
static const char *const af_family_kern_key_strings[AF_MAX+1] = {
_sock_locks("k-sk_lock-")
};
static const char *const af_family_kern_slock_key_strings[AF_MAX+1] = {
_sock_locks("k-slock-")
};
Reported by FlawFinder.
Line: 244
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static const char *const af_family_kern_key_strings[AF_MAX+1] = {
_sock_locks("k-sk_lock-")
};
static const char *const af_family_kern_slock_key_strings[AF_MAX+1] = {
_sock_locks("k-slock-")
};
static const char *const af_family_kern_clock_key_strings[AF_MAX+1] = {
_sock_locks("k-clock-")
};
Reported by FlawFinder.
Line: 247
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static const char *const af_family_kern_slock_key_strings[AF_MAX+1] = {
_sock_locks("k-slock-")
};
static const char *const af_family_kern_clock_key_strings[AF_MAX+1] = {
_sock_locks("k-clock-")
};
static const char *const af_family_rlock_key_strings[AF_MAX+1] = {
_sock_locks("rlock-")
};
Reported by FlawFinder.
Line: 250
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static const char *const af_family_kern_clock_key_strings[AF_MAX+1] = {
_sock_locks("k-clock-")
};
static const char *const af_family_rlock_key_strings[AF_MAX+1] = {
_sock_locks("rlock-")
};
static const char *const af_family_wlock_key_strings[AF_MAX+1] = {
_sock_locks("wlock-")
};
Reported by FlawFinder.
Line: 253
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static const char *const af_family_rlock_key_strings[AF_MAX+1] = {
_sock_locks("rlock-")
};
static const char *const af_family_wlock_key_strings[AF_MAX+1] = {
_sock_locks("wlock-")
};
static const char *const af_family_elock_key_strings[AF_MAX+1] = {
_sock_locks("elock-")
};
Reported by FlawFinder.
Line: 256
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static const char *const af_family_wlock_key_strings[AF_MAX+1] = {
_sock_locks("wlock-")
};
static const char *const af_family_elock_key_strings[AF_MAX+1] = {
_sock_locks("elock-")
};
/*
* sk_callback_lock and sk queues locking rules are per-address-family,
Reported by FlawFinder.
Line: 632
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int ret = -ENOPROTOOPT;
#ifdef CONFIG_NETDEVICES
struct net *net = sock_net(sk);
char devname[IFNAMSIZ];
int index;
ret = -EINVAL;
if (optlen < 0)
goto out;
Reported by FlawFinder.
tools/perf/util/cs-etm.c
15 issues
Line: 2557
Column: 3
CWE codes:
134
Suggestion:
Use a constant for the format specification
if ((magic != __perf_cs_etmv3_magic) &&
(magic != __perf_cs_etmv4_magic)) {
/* failure - note bad magic value */
fprintf(stdout, magic_unk_fmt, magic);
return -EINVAL;
}
/* print common header block */
fprintf(stdout, cs_etm_priv_fmts[CS_ETM_MAGIC], val[i++]);
Reported by FlawFinder.
Line: 2562
Column: 2
CWE codes:
134
Suggestion:
Use a constant for the format specification
}
/* print common header block */
fprintf(stdout, cs_etm_priv_fmts[CS_ETM_MAGIC], val[i++]);
fprintf(stdout, cs_etm_priv_fmts[CS_ETM_CPU], val[i++]);
if (magic == __perf_cs_etmv3_magic) {
nr_params = CS_ETM_NR_TRC_PARAMS_V0;
fmt_offset = CS_ETM_ETMCR;
Reported by FlawFinder.
Line: 2563
Column: 2
CWE codes:
134
Suggestion:
Use a constant for the format specification
/* print common header block */
fprintf(stdout, cs_etm_priv_fmts[CS_ETM_MAGIC], val[i++]);
fprintf(stdout, cs_etm_priv_fmts[CS_ETM_CPU], val[i++]);
if (magic == __perf_cs_etmv3_magic) {
nr_params = CS_ETM_NR_TRC_PARAMS_V0;
fmt_offset = CS_ETM_ETMCR;
/* after common block, offset format index past NR_PARAMS */
Reported by FlawFinder.
Line: 2570
Column: 4
CWE codes:
134
Suggestion:
Use a constant for the format specification
fmt_offset = CS_ETM_ETMCR;
/* after common block, offset format index past NR_PARAMS */
for (j = fmt_offset; j < nr_params + fmt_offset; j++, i++)
fprintf(stdout, cs_etm_priv_fmts[j], val[i]);
} else if (magic == __perf_cs_etmv4_magic) {
nr_params = CS_ETMV4_NR_TRC_PARAMS_V0;
fmt_offset = CS_ETMV4_TRCCONFIGR;
/* after common block, offset format index past NR_PARAMS */
for (j = fmt_offset; j < nr_params + fmt_offset; j++, i++)
Reported by FlawFinder.
Line: 2576
Column: 4
CWE codes:
134
Suggestion:
Use a constant for the format specification
fmt_offset = CS_ETMV4_TRCCONFIGR;
/* after common block, offset format index past NR_PARAMS */
for (j = fmt_offset; j < nr_params + fmt_offset; j++, i++)
fprintf(stdout, cs_etmv4_priv_fmts[j], val[i]);
}
*offset = i;
return 0;
}
Reported by FlawFinder.
Line: 2595
Column: 5
CWE codes:
134
Suggestion:
Use a constant for the format specification
for (j = 0; j < total_params; j++, i++) {
/* if newer record - could be excess params */
if (j >= CS_ETM_PRIV_MAX)
fprintf(stdout, param_unk_fmt, j, val[i]);
else
fprintf(stdout, cs_etm_priv_fmts[j], val[i]);
}
} else if (magic == __perf_cs_etmv4_magic) {
for (j = 0; j < total_params; j++, i++) {
Reported by FlawFinder.
Line: 2597
Column: 5
CWE codes:
134
Suggestion:
Use a constant for the format specification
if (j >= CS_ETM_PRIV_MAX)
fprintf(stdout, param_unk_fmt, j, val[i]);
else
fprintf(stdout, cs_etm_priv_fmts[j], val[i]);
}
} else if (magic == __perf_cs_etmv4_magic) {
for (j = 0; j < total_params; j++, i++) {
/* if newer record - could be excess params */
if (j >= CS_ETMV4_PRIV_MAX)
Reported by FlawFinder.
Line: 2603
Column: 5
CWE codes:
134
Suggestion:
Use a constant for the format specification
for (j = 0; j < total_params; j++, i++) {
/* if newer record - could be excess params */
if (j >= CS_ETMV4_PRIV_MAX)
fprintf(stdout, param_unk_fmt, j, val[i]);
else
fprintf(stdout, cs_etmv4_priv_fmts[j], val[i]);
}
} else {
/* failure - note bad magic value and error out */
Reported by FlawFinder.
Line: 2605
Column: 5
CWE codes:
134
Suggestion:
Use a constant for the format specification
if (j >= CS_ETMV4_PRIV_MAX)
fprintf(stdout, param_unk_fmt, j, val[i]);
else
fprintf(stdout, cs_etmv4_priv_fmts[j], val[i]);
}
} else {
/* failure - note bad magic value and error out */
fprintf(stdout, magic_unk_fmt, magic);
return -EINVAL;
Reported by FlawFinder.
Line: 2609
Column: 3
CWE codes:
134
Suggestion:
Use a constant for the format specification
}
} else {
/* failure - note bad magic value and error out */
fprintf(stdout, magic_unk_fmt, magic);
return -EINVAL;
}
*offset = i;
return 0;
}
Reported by FlawFinder.