The following issues were found
drivers/nfc/nfcsim.c
1 issues
Line: 353
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static void nfcsim_debugfs_init_dev(struct nfcsim *dev)
{
struct dentry *dev_dir;
char devname[5]; /* nfcX\0 */
u32 idx;
int n;
if (!nfcsim_debugfs_root) {
NFCSIM_ERR(dev, "nfcsim debugfs not initialized\n");
Reported by FlawFinder.
drivers/scsi/bnx2i/bnx2i_init.c
1 issues
Line: 387
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return -ENOMEM;
strlcpy(stats->version, DRV_MODULE_VERSION, sizeof(stats->version));
memcpy(stats->mac_add1 + 2, hba->cnic->mac_addr, ETH_ALEN);
stats->max_frame_size = hba->netdev->mtu;
stats->txq_size = hba->max_sqes;
stats->rxq_size = hba->max_cqes;
Reported by FlawFinder.
drivers/nfc/nfcmrvl/main.c
1 issues
Line: 113
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
priv->dev = dev;
priv->phy = phy;
memcpy(&priv->config, pdata, sizeof(*pdata));
if (gpio_is_valid(priv->config.reset_n_io)) {
rc = gpio_request_one(priv->config.reset_n_io,
GPIOF_OUT_INIT_LOW,
"nfcmrvl_reset_n");
Reported by FlawFinder.
drivers/net/wireless/marvell/mwifiex/uap_txrx.c
1 issues
Line: 254
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return 0;
}
memcpy(ra, rx_pkt_hdr->eth803_hdr.h_dest, ETH_ALEN);
if (is_multicast_ether_addr(ra)) {
skb_uap = skb_copy(skb, GFP_ATOMIC);
mwifiex_uap_queue_bridged_pkt(priv, skb_uap);
} else {
Reported by FlawFinder.
drivers/nfc/nfcmrvl/fw_dnld.h
1 issues
Line: 62
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
} __packed;
struct nfcmrvl_fw_dnld {
char name[NFC_FIRMWARE_NAME_MAXSIZE + 1];
const struct firmware *fw;
const struct nfcmrvl_fw *header;
const struct nfcmrvl_fw_binary_config *binary_config;
Reported by FlawFinder.
drivers/nfc/mei_phy.c
1 issues
Line: 225
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
MEI_DUMP_NFC_HDR("send", hdr);
memcpy(mei_buf + MEI_NFC_HEADER_SIZE, buf, length);
err = mei_cldev_send(phy->cldev, mei_buf, length + MEI_NFC_HEADER_SIZE);
if (err < 0)
goto out;
if (!wait_event_interruptible_timeout(phy->send_wq,
Reported by FlawFinder.
drivers/nfc/fdp/fdp.c
1 issues
Line: 124
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
u32 fc = 13560;
u32 nd, num, delta;
char data[9];
nd = (24 * fc) / clock_freq;
delta = 24 * fc - nd * clock_freq;
num = (32768 * delta) / clock_freq;
Reported by FlawFinder.
drivers/net/wwan/rpmsg_wwan_ctrl.c
1 issues
Line: 40
Column: 2
CWE codes:
120
.dst = RPMSG_ADDR_ANY,
};
strncpy(chinfo.name, rpwwan->rpdev->id.name, RPMSG_NAME_SIZE);
rpwwan->ept = rpmsg_create_ept(rpwwan->rpdev, rpmsg_wwan_ctrl_callback,
rpwwan, chinfo);
if (!rpwwan->ept)
return -EREMOTEIO;
Reported by FlawFinder.
drivers/scsi/libsas/sas_discover.c
1 issues
Line: 135
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
rphy->identify.phy_identifier = phy->phy->identify.phy_identifier;
memcpy(dev->sas_addr, port->attached_sas_addr, SAS_ADDR_SIZE);
sas_fill_in_rphy(dev, rphy);
sas_hash_addr(dev->hashed_sas_addr, dev->sas_addr);
port->port_dev = dev;
dev->linkrate = port->linkrate;
dev->min_linkrate = port->linkrate;
Reported by FlawFinder.
drivers/net/wwan/iosm/iosm_ipc_uevent.h
1 issues
Line: 29
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
*/
struct ipc_uevent_info {
struct device *dev;
char uevent[MAX_UEVENT_LEN];
struct work_struct work;
};
/**
* ipc_uevent_send - Send modem event to user space.
Reported by FlawFinder.