The following issues were found
drivers/net/wireless/realtek/rtlwifi/btcoexist/rtl_btc.c
1 issues
Line: 69
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (safe_len > len)
safe_len = len;
memcpy(btcoexist->pwr_mode_val, buf, safe_len);
}
u8 rtl_btc_get_lps_val(struct rtl_priv *rtlpriv)
{
struct btc_coexist *btcoexist = rtl_btc_coexist(rtlpriv);
Reported by FlawFinder.
drivers/ptp/ptp_sysfs.c
1 issues
Line: 290
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
size = sizeof(int) * ptp->n_vclocks;
memcpy(vclock_index, ptp->vclock_index, size);
kfree(ptp->vclock_index);
ptp->vclock_index = vclock_index;
ptp->max_vclocks = max;
Reported by FlawFinder.
drivers/net/wireless/intersil/orinoco/scan.c
1 issues
Line: 95
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* Reconstruct SSID and bitrate IEs to pass up */
ie_buf[0] = WLAN_EID_SSID;
ie_buf[1] = len;
memcpy(&ie_buf[2], bss->a.essid, len);
ie = ie_buf + len + 2;
ie_len = ie_buf[1] + 2;
switch (priv->firmware_type) {
case FIRMWARE_TYPE_SYMBOL:
Reported by FlawFinder.
drivers/ptp/ptp_kvm_common.c
1 issues
Line: 100
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
spin_unlock(&kvm_ptp_lock);
memcpy(ts, &tspec, sizeof(struct timespec64));
return 0;
}
static int ptp_kvm_enable(struct ptp_clock_info *ptp,
Reported by FlawFinder.
drivers/s390/char/sclp_cpi_sys.h
1 issues
Line: 12
Column: 35
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
#ifndef __SCLP_CPI_SYS_H__
#define __SCLP_CPI_SYS_H__
int sclp_cpi_set_data(const char *system, const char *sysplex,
const char *type, u64 level);
#endif /* __SCLP_CPI_SYS_H__ */
Reported by FlawFinder.
drivers/s390/char/sclp_early.c
1 issues
Line: 93
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
sclp_ipl_info.is_valid = 1;
if (sccb->fac91 & 0x2)
sclp_ipl_info.has_dump = 1;
memcpy(&sclp_ipl_info.loadparm, &sccb->loadparm, LOADPARM_LEN);
if (sccb->hsa_size)
sclp.hsa_size = (sccb->hsa_size - 1) * PAGE_SIZE;
sclp.mtid = (sccb->fac42 & 0x80) ? (sccb->fac42 & 31) : 0;
sclp.mtid_cp = (sccb->fac42 & 0x80) ? (sccb->fac43 & 31) : 0;
Reported by FlawFinder.
drivers/net/wireless/realtek/rtl818x/rtl8187/leds.h
1 issues
Line: 46
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/* The pin/method used to control the led */
u8 ledpin;
/* The unique name string for this LED device. */
char name[RTL8187_LED_MAX_NAME_LEN + 1];
/* If the LED is radio or tx/rx */
bool is_radio;
};
void rtl8187_leds_init(struct ieee80211_hw *dev, u16 code);
Reported by FlawFinder.
drivers/ptp/ptp_clockmatrix.h
1 issues
Line: 147
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct i2c_client *client;
u8 page_offset;
u8 tod_mask;
char version[16];
u8 deprecated;
/* Overhead calculation for adjtime */
u8 calculate_overhead_flag;
s64 tod_write_overhead_ns;
Reported by FlawFinder.
drivers/s390/char/sclp_pci.c
1 issues
Line: 173
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
sccb->evbuf.fh = fh;
sccb->evbuf.fid = fid;
memcpy(sccb->evbuf.data, report->data, report->length);
ret = sclp_add_request(&req);
if (ret)
goto out_free_req;
Reported by FlawFinder.
drivers/s390/char/sclp_sd.c
1 issues
Line: 471
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
} else {
if (off + size > data_size)
size = data_size - off;
memcpy(buffer, data + off, size);
}
mutex_unlock(&sd_file->data_mutex);
return size;
Reported by FlawFinder.