The following issues were found
drivers/rapidio/devices/tsi721_dma.c
1 issues
Line: 925
CWE codes:
908
list_splice_init(&bdma_chan->queue, &list);
list_for_each_entry_safe(desc, _d, &list, desc_node)
tsi721_dma_tx_err(bdma_chan, desc);
spin_unlock_bh(&bdma_chan->lock);
return 0;
}
Reported by Cppcheck.
drivers/rapidio/devices/tsi721.h
1 issues
Line: 834
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct msix_irq {
u16 vector;
char irq_name[IRQ_DEVICE_NAME_MAX];
};
#endif /* CONFIG_PCI_MSI */
struct tsi721_ib_win_mapping {
struct list_head node;
Reported by FlawFinder.
drivers/s390/char/defkeymap.c
1 issues
Line: 132
Column: 1
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int ebc_funcbufsize = sizeof(ebc_func_buf);
int ebc_funcbufleft; /* space left */
char *ebc_func_table[MAX_NR_FUNC] = {
ebc_func_buf + 0,
ebc_func_buf + 5,
ebc_func_buf + 10,
ebc_func_buf + 15,
ebc_func_buf + 20,
Reported by FlawFinder.
drivers/pwm/pwm-meson.c
1 issues
Line: 497
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct device *dev = meson->chip.dev;
struct clk_init_data init;
unsigned int i;
char name[255];
int err;
for (i = 0; i < meson->chip.npwm; i++) {
struct meson_pwm_channel *channel = &meson->channels[i];
Reported by FlawFinder.
drivers/net/wireless/realtek/rtlwifi/cam.c
1 issues
Line: 280
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
pr_err("-----hwsec_cam_bitmap: 0x%x entry_idx=%d\n",
rtlpriv->sec.hwsec_cam_bitmap, entry_idx);
rtlpriv->sec.hwsec_cam_bitmap |= BIT(0) << entry_idx;
memcpy(rtlpriv->sec.hwsec_cam_sta_addr[entry_idx],
sta_addr, ETH_ALEN);
return entry_idx;
}
bitmap = bitmap >> 1;
}
Reported by FlawFinder.
drivers/s390/char/keyboard.h
1 issues
Line: 18
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct kbd_data;
extern int ebc_funcbufsize, ebc_funcbufleft;
extern char *ebc_func_table[MAX_NR_FUNC];
extern char ebc_func_buf[];
extern char *ebc_funcbufptr;
extern unsigned int ebc_keymap_count;
extern struct kbdiacruc ebc_accent_table[];
Reported by FlawFinder.
drivers/scsi/fnic/vnic_dev.c
1 issues
Line: 809
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
do {
csum = 0;
memcpy(&vdev->notify_copy, vdev->notify,
sizeof(struct vnic_devcmd_notify));
words = (u32 *)&vdev->notify_copy;
for (i = 1; i < nwords; i++)
csum += words[i];
} while (csum != words[0]);
Reported by FlawFinder.
drivers/s390/char/monwriter.c
1 issues
Line: 66
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
rc = -ENOMEM;
if (!id || !parm_list)
goto out;
memcpy(id->prod_nr, "LNXAPPL", 7);
id->prod_fn = myhdr->applid;
id->record_nr = myhdr->record_num;
id->version_nr = myhdr->version;
id->release_nr = myhdr->release;
id->mod_lvl = myhdr->mod_level;
Reported by FlawFinder.
drivers/pwm/pwm-mediatek.c
1 issues
Line: 244
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
for (i = 0; i < pc->soc->num_pwms; i++) {
char name[8];
snprintf(name, sizeof(name), "pwm%d", i + 1);
pc->clk_pwms[i] = devm_clk_get(&pdev->dev, name);
if (IS_ERR(pc->clk_pwms[i])) {
Reported by FlawFinder.
drivers/pwm/pwm-jz4740.c
1 issues
Line: 54
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
struct jz4740_pwm_chip *jz = to_jz4740(chip);
struct clk *clk;
char name[16];
int err;
if (!jz4740_pwm_can_use_chn(jz, pwm->hwpwm))
return -EBUSY;
Reported by FlawFinder.