The following issues were found
include/net/checksum.h
1 issues
Line: 51
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
static inline __wsum
csum_partial_copy_nocheck(const void *src, void *dst, int len)
{
memcpy(dst, src, len);
return csum_partial(dst, len, 0);
}
#endif
#ifndef HAVE_ARCH_CSUM_ADD
Reported by FlawFinder.
include/net/caif/cfsrvl.h
1 issues
Line: 17
Column: 7
CWE codes:
362
struct cfsrvl {
struct cflayer layer;
bool open;
bool phy_flow_on;
bool modem_flow_on;
bool supports_flowctrl;
void (*release)(struct cflayer *layer);
struct dev_info dev_info;
Reported by FlawFinder.
include/net/caif/caif_layer.h
1 issues
Line: 232
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int (*modemcmd) (struct cflayer *layr, enum caif_modemcmd ctrl);
unsigned int id;
char name[CAIF_LAYER_NAME_SZ];
};
/**
* layer_set_up() - Set the up pointer for a specified layer.
* @layr: Layer where up pointer shall be set.
Reported by FlawFinder.
net/mac80211/ethtool.c
1 issues
Line: 212
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (sset == ETH_SS_STATS) {
sz_sta_stats = sizeof(ieee80211_gstrings_sta_stats);
memcpy(data, ieee80211_gstrings_sta_stats, sz_sta_stats);
}
drv_get_et_strings(sdata, sset, &(data[sz_sta_stats]));
}
static int ieee80211_get_regs_len(struct net_device *dev)
Reported by FlawFinder.
include/linux/sync_file.h
1 issues
Line: 44
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
* Otherwise generated through driver callbacks (in which case the
* entire array is 0).
*/
char user_name[32];
#ifdef CONFIG_DEBUG_FS
struct list_head sync_file_list;
#endif
wait_queue_head_t wq;
Reported by FlawFinder.
include/net/bluetooth/hci_sock.h
1 issues
Line: 110
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct hci_dev_info {
__u16 dev_id;
char name[8];
bdaddr_t bdaddr;
__u32 flags;
__u8 type;
Reported by FlawFinder.
include/net/bluetooth/hci_mon.h
1 issues
Line: 59
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
__u8 type;
__u8 bus;
bdaddr_t bdaddr;
char name[8];
} __packed;
#define HCI_MON_NEW_INDEX_SIZE 16
struct hci_mon_index_info {
bdaddr_t bdaddr;
Reported by FlawFinder.
include/net/bluetooth/bluetooth.h
1 issues
Line: 280
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
static inline void bacpy(bdaddr_t *dst, const bdaddr_t *src)
{
memcpy(dst, src, sizeof(bdaddr_t));
}
void baswap(bdaddr_t *dst, const bdaddr_t *src);
/* Common socket structures and functions */
Reported by FlawFinder.
include/net/ax25.h
1 issues
Line: 183
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
typedef struct {
ax25_address calls[AX25_MAX_DIGIS];
unsigned char repeated[AX25_MAX_DIGIS];
unsigned char ndigi;
signed char lastrepeat;
} ax25_digi;
typedef struct ax25_route {
Reported by FlawFinder.
include/net/act_api.h
1 issues
Line: 92
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct tc_action_ops {
struct list_head head;
char kind[IFNAMSIZ];
enum tca_id id; /* identifier should match kind */
size_t size;
struct module *owner;
int (*act)(struct sk_buff *, const struct tc_action *,
struct tcf_result *); /* called under RCU BH lock*/
Reported by FlawFinder.