The following issues were found

net/netfilter/nf_conntrack_pptp.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 75 Column: 14 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              
#if defined(DEBUG) || defined(CONFIG_DYNAMIC_DEBUG)
/* PptpControlMessageType names */
static const char *const pptp_msg_name_array[PPTP_MSG_MAX + 1] = {
	[0]				= "UNKNOWN_MESSAGE",
	[PPTP_START_SESSION_REQUEST]	= "START_SESSION_REQUEST",
	[PPTP_START_SESSION_REPLY]	= "START_SESSION_REPLY",
	[PPTP_STOP_SESSION_REQUEST]	= "STOP_SESSION_REQUEST",
	[PPTP_STOP_SESSION_REPLY]	= "STOP_SESSION_REPLY",

Reported by FlawFinder.

net/netfilter/nf_conntrack_proto_gre.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 112 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              	km = kmalloc(sizeof(*km), GFP_ATOMIC);
	if (!km)
		return -ENOMEM;
	memcpy(&km->tuple, t, sizeof(*t));
	*kmp = km;

	pr_debug("adding new entry %p: ", km);
	nf_ct_dump_tuple(&km->tuple);

Reported by FlawFinder.

include/linux/vt_buffer.h
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 49 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              	while (count--)
		scr_writew(scr_readw(s++), d++);
#else
	memcpy(d, s, count);
#endif
}
#endif

#ifndef VT_BUF_HAVE_MEMMOVEW

Reported by FlawFinder.

include/linux/verification.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 32 Column: 14 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	VERIFYING_UNSPECIFIED_SIGNATURE,
	NR__KEY_BEING_USED_FOR
};
extern const char *const key_being_used_for[NR__KEY_BEING_USED_FOR];

#ifdef CONFIG_SYSTEM_DATA_VERIFICATION

struct key;
struct pkcs7_message;

Reported by FlawFinder.

include/linux/usb/musb.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 59 Column: 8 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	MUSB_EP_FIFO(ep, st, BUF_DOUBLE, pkt)

struct musb_hdrc_eps_bits {
	const char	name[16];
	u8		bits;
};

struct musb_hdrc_config {
	struct musb_fifo_cfg	*fifo_cfg;	/* board fifo configuration */

Reported by FlawFinder.

include/linux/usb/hcd.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 94 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              						 * May be different from
						 * hcd->driver->flags & HCD_MASK
						 */
	char			irq_descr[24];	/* driver + bus # */

	struct timer_list	rh_timer;	/* drives root-hub polling */
	struct urb		*status_urb;	/* the current status urb */
#ifdef CONFIG_PM
	struct work_struct	wakeup_work;	/* for remote wakeup */

Reported by FlawFinder.

net/packet/internal.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 13 Column: 11 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	int			count;
	unsigned short		type;
	unsigned short		alen;
	unsigned char		addr[MAX_ADDR_LEN];
};

/* kbdq - kernel block descriptor queue */
struct tpacket_kbdq_core {
	struct pgv	*pkbdq;

Reported by FlawFinder.

net/netfilter/nf_nat_ftp.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 75 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	u_int16_t port;
	int dir = CTINFO2DIR(ctinfo);
	struct nf_conn *ct = exp->master;
	char buffer[sizeof("|1||65535|") + INET6_ADDRSTRLEN];
	unsigned int buflen;

	pr_debug("type %i, off %u len %u\n", type, matchoff, matchlen);

	/* Connection will come from wherever this packet goes, hence !dir */

Reported by FlawFinder.

net/netfilter/nf_nat_helper.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 44 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              			     match_offset + match_len));

	/* insert data from buffer */
	memcpy(data + match_offset, rep_buffer, rep_len);

	/* update skb info */
	if (rep_len > match_len) {
		pr_debug("nf_nat_mangle_packet: Extending packet by "
			 "%u from %u bytes\n", rep_len - match_len, skb->len);

Reported by FlawFinder.

include/linux/usb/gadget_configfs.h
1 issues
sprintf - Does not check for buffer overflows
Security

Line: 27 Column: 9 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf 

              static ssize_t __struct##_##__name##_show(struct config_item *item, char *page) \
{	\
	struct __struct *gs = to_##__struct(item);	\
	return sprintf(page, "%s\n", gs->__name ?: "");	\
}

#define GS_STRINGS_RW(struct_name, _name)	\
	GS_STRINGS_R(struct_name, _name)	\
	GS_STRINGS_W(struct_name, _name)	\

Reported by FlawFinder.