* drivers/net/hamradio/baycom_epp.c:304:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments...
@ 2022-03-28 17:21 kernel test robot
0 siblings, 0 replies; 2+ messages in thread
From: kernel test robot @ 2022-03-28 17:21 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 132447 bytes --]
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
BCC: lkp(a)intel.com
CC: linux-kernel(a)vger.kernel.org
TO: Arnd Bergmann <arnd@arndb.de>
CC: Masahiro Yamada <masahiroy@kernel.org>
CC: Alex Shi <alexs@kernel.org>
CC: Nick Desaulniers <ndesaulniers@google.com>
CC: Miguel Ojeda <ojeda@kernel.org>
CC: Nathan Chancellor <nathan@kernel.org>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: ae085d7f9365de7da27ab5c0d16b12d51ea7fca9
commit: e8c07082a810fbb9db303a2b66b66b8d7e588b53 Kbuild: move to -std=gnu11
date: 2 weeks ago
:::::: branch date: 15 hours ago
:::::: commit date: 2 weeks ago
config: i386-randconfig-c001-20220328 (https://download.01.org/0day-ci/archive/20220329/202203290142.reAkPfvd-lkp(a)intel.com/config)
compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project 0f6d9501cf49ce02937099350d08f20c4af86f3d)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e8c07082a810fbb9db303a2b66b66b8d7e588b53
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout e8c07082a810fbb9db303a2b66b66b8d7e588b53
# save the config file to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=i386 clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
kernel/printk/printk_ringbuffer.c:1811:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(r->info, info, sizeof(*(r->info)));
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
kernel/printk/printk_ringbuffer.c:1811:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(r->info, info, sizeof(*(r->info)));
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
kernel/printk/printk_ringbuffer.c:2039:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(descs, 0, _DESCS_COUNT(descbits) * sizeof(descs[0]));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
kernel/printk/printk_ringbuffer.c:2039:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(descs, 0, _DESCS_COUNT(descbits) * sizeof(descs[0]));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
kernel/printk/printk_ringbuffer.c:2040:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(infos, 0, _DESCS_COUNT(descbits) * sizeof(infos[0]));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
kernel/printk/printk_ringbuffer.c:2040:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(infos, 0, _DESCS_COUNT(descbits) * sizeof(infos[0]));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
Suppressed 10 warnings (10 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
81 warnings generated.
Suppressed 81 warnings (81 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
82 warnings generated.
Suppressed 82 warnings (82 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
36 warnings generated.
drivers/input/mouse/cypress_ps2.c:114:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(param, 0, pktsize);
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/input/mouse/cypress_ps2.c:114:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(param, 0, pktsize);
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/input/mouse/cypress_ps2.c:124:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(param, psmouse->packet, pktsize);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
drivers/input/mouse/cypress_ps2.c:124:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(param, psmouse->packet, pktsize);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
drivers/input/mouse/cypress_ps2.c:267:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(param, 0, sizeof(param));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/input/mouse/cypress_ps2.c:267:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(param, 0, sizeof(param));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/input/mouse/cypress_ps2.c:449:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(report_data, 0, sizeof(struct cytp_report_data));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/input/mouse/cypress_ps2.c:449:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(report_data, 0, sizeof(struct cytp_report_data));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
Suppressed 32 warnings (32 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
81 warnings generated.
>> drivers/net/hamradio/baycom_epp.c:304:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(modearg, "%sclk,%smodem,fclk=%d,bps=%d,divider=%d%s,extstat",
^~~~~~~
drivers/net/hamradio/baycom_epp.c:304:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(modearg, "%sclk,%smodem,fclk=%d,bps=%d,divider=%d%s,extstat",
^~~~~~~
drivers/net/hamradio/baycom_epp.c:309:2: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(portarg, "%ld", bc->pdev->port->base);
^~~~~~~
drivers/net/hamradio/baycom_epp.c:309:2: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(portarg, "%ld", bc->pdev->port->base);
^~~~~~~
drivers/net/hamradio/baycom_epp.c:458:4: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(tmp, 0x7e, sizeof(tmp));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/net/hamradio/baycom_epp.c:458:4: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(tmp, 0x7e, sizeof(tmp));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/net/hamradio/baycom_epp.c:494:5: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(tmp, 0x7e, sizeof(tmp));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/net/hamradio/baycom_epp.c:494:5: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(tmp, 0x7e, sizeof(tmp));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/net/hamradio/baycom_epp.c:511:4: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(tmp, 0, sizeof(tmp));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/net/hamradio/baycom_epp.c:511:4: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(tmp, 0, sizeof(tmp));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/net/hamradio/baycom_epp.c:545:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(cp, bc->hdlcrx.buf, pktlen - 1);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
drivers/net/hamradio/baycom_epp.c:545:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(cp, bc->hdlcrx.buf, pktlen - 1);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
drivers/net/hamradio/baycom_epp.c:603:34: warning: The result of the left shift is undefined because the left operand is negative [clang-analyzer-core.UndefinedBinaryOperatorResult]
bitbuf = (bitbuf & ((~0xff) << j)) | ((bitbuf & ~((~0xff) << j)) << 1);
^
drivers/net/hamradio/baycom_epp.c:649:6: note: Assuming field 'work_running' is not equal to 0
if (!bc->work_running)
^~~~~~~~~~~~~~~~~
drivers/net/hamradio/baycom_epp.c:649:2: note: Taking false branch
if (!bc->work_running)
^
drivers/net/hamradio/baycom_epp.c:654:6: note: Assuming the condition is false
if (pp->ops->epp_read_addr(pp, &stat, 1, 0) != 1)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/net/hamradio/baycom_epp.c:654:2: note: Taking false branch
if (pp->ops->epp_read_addr(pp, &stat, 1, 0) != 1)
^
drivers/net/hamradio/baycom_epp.c:658:2: note: Left side of '&&' is true
GETTICK(time1);
^
drivers/net/hamradio/baycom_epp.c:630:6: note: expanded from macro 'GETTICK'
if (boot_cpu_has(X86_FEATURE_TSC)) \
^
arch/x86/include/asm/cpufeature.h:141:27: note: expanded from macro 'boot_cpu_has'
#define boot_cpu_has(bit) cpu_has(&boot_cpu_data, bit)
^
arch/x86/include/asm/cpufeature.h:122:3: note: expanded from macro 'cpu_has'
(__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \
^
drivers/net/hamradio/baycom_epp.c:658:2: note: Left side of '&&' is true
GETTICK(time1);
^
drivers/net/hamradio/baycom_epp.c:630:6: note: expanded from macro 'GETTICK'
if (boot_cpu_has(X86_FEATURE_TSC)) \
^
arch/x86/include/asm/cpufeature.h:141:27: note: expanded from macro 'boot_cpu_has'
#define boot_cpu_has(bit) cpu_has(&boot_cpu_data, bit)
^
arch/x86/include/asm/cpufeature.h:122:32: note: expanded from macro 'cpu_has'
(__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \
^
arch/x86/include/asm/cpufeature.h:74:5: note: expanded from macro 'REQUIRED_MASK_BIT_SET'
( CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 0, feature_bit) || \
--
^~~~~~~~~~~~~~~~
drivers/input/mouse/alps.c:2586:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(otp, 0, sizeof(otp));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/input/mouse/alps.c:2932:4: warning: Value stored to 'protocol' is never read [clang-analyzer-deadcode.DeadStores]
protocol = &alps_v9_protocol_data;
^ ~~~~~~~~~~~~~~~~~~~~~~
drivers/input/mouse/alps.c:2932:4: note: Value stored to 'protocol' is never read
protocol = &alps_v9_protocol_data;
^ ~~~~~~~~~~~~~~~~~~~~~~
drivers/input/mouse/alps.c:2946:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(priv->dev_id, e7, 3);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
drivers/input/mouse/alps.c:2946:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(priv->dev_id, e7, 3);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
drivers/input/mouse/alps.c:2947:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(priv->fw_ver, ec, 3);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
drivers/input/mouse/alps.c:2947:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(priv->fw_ver, ec, 3);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
drivers/input/mouse/alps.c:3102:3: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(priv->phys2, sizeof(priv->phys2), "%s/input1",
^~~~~~~~
drivers/input/mouse/alps.c:3102:3: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(priv->phys2, sizeof(priv->phys2), "%s/input1",
^~~~~~~~
Suppressed 32 warnings (32 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
9 warnings generated.
Suppressed 9 warnings (9 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
23 warnings generated.
drivers/iio/adc/xilinx-xadc-core.c:628:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(data, 0, new_size);
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/iio/adc/xilinx-xadc-core.c:628:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(data, 0, new_size);
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
Suppressed 22 warnings (22 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
22 warnings generated.
Suppressed 22 warnings (22 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
22 warnings generated.
Suppressed 22 warnings (22 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
41 warnings generated.
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
22 warnings generated.
Suppressed 22 warnings (22 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
40 warnings generated.
sound/isa/cmi8330.c:300:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcpy(card->mixername, (acard->type == CMI8329) ? "CMI8329" : "CMI8330/C3D");
^~~~~~
sound/isa/cmi8330.c:300:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
strcpy(card->mixername, (acard->type == CMI8329) ? "CMI8329" : "CMI8330/C3D");
^~~~~~
sound/isa/cmi8330.c:440:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcpy(pcm->name, (chip->type == CMI8329) ? "CMI8329" : "CMI8330");
^~~~~~
sound/isa/cmi8330.c:440:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
strcpy(pcm->name, (chip->type == CMI8329) ? "CMI8329" : "CMI8330");
^~~~~~
sound/isa/cmi8330.c:595:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcpy(card->driver, (acard->type == CMI8329) ? "CMI8329" : "CMI8330/C3D");
^~~~~~
sound/isa/cmi8330.c:595:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
strcpy(card->driver, (acard->type == CMI8329) ? "CMI8329" : "CMI8330/C3D");
^~~~~~
sound/isa/cmi8330.c:596:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcpy(card->shortname, (acard->type == CMI8329) ? "C-Media CMI8329" : "C-Media CMI8330/C3D");
^~~~~~
sound/isa/cmi8330.c:596:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
strcpy(card->shortname, (acard->type == CMI8329) ? "C-Media CMI8329" : "C-Media CMI8330/C3D");
^~~~~~
>> sound/isa/cmi8330.c:597:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(card->longname, "%s at 0x%lx, irq %d, dma %d",
^~~~~~~
sound/isa/cmi8330.c:597:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(card->longname, "%s at 0x%lx, irq %d, dma %d",
^~~~~~~
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
112 warnings generated.
drivers/usb/early/xhci-dbc.c:204:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(seg->trbs, 0, PAGE_SIZE);
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/usb/early/xhci-dbc.c:204:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(seg->trbs, 0, PAGE_SIZE);
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/usb/early/xhci-dbc.c:241:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(xdbc.table_base, 0, PAGE_SIZE);
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/usb/early/xhci-dbc.c:241:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(xdbc.table_base, 0, PAGE_SIZE);
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/usb/early/xhci-dbc.c:242:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(xdbc.out_buf, 0, PAGE_SIZE);
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/usb/early/xhci-dbc.c:242:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(xdbc.out_buf, 0, PAGE_SIZE);
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/usb/early/xhci-dbc.c:274:2: warning: Value stored to 'index' is never read [clang-analyzer-deadcode.DeadStores]
index += XDBC_STRING_ENTRY_NUM;
^
drivers/usb/early/xhci-dbc.c:274:2: note: Value stored to 'index' is never read
drivers/usb/early/xhci-dbc.c:498:3: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(xdbc.in_buf, 0, XDBC_MAX_PACKET);
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/usb/early/xhci-dbc.c:498:3: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(xdbc.in_buf, 0, XDBC_MAX_PACKET);
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/usb/early/xhci-dbc.c:502:3: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(xdbc.out_buf, 0, XDBC_MAX_PACKET);
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/usb/early/xhci-dbc.c:502:3: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(xdbc.out_buf, 0, XDBC_MAX_PACKET);
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/usb/early/xhci-dbc.c:503:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(xdbc.out_buf, data, size);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
drivers/usb/early/xhci-dbc.c:503:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(xdbc.out_buf, data, size);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
drivers/usb/early/xhci-dbc.c:880:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(buf, 0, XDBC_MAX_PACKET);
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/usb/early/xhci-dbc.c:880:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(buf, 0, XDBC_MAX_PACKET);
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
Suppressed 104 warnings (104 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
39 warnings generated.
drivers/mfd/sm501.c:513:16: warning: Value stored to 'mode' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
--
^~
mm/page_alloc.c:8595:2: note: Taking false branch
if (rc)
^
mm/page_alloc.c:8598:6: note: Assuming 'write' is not equal to 0
if (write)
^~~~~
mm/page_alloc.c:8598:2: note: Taking true branch
if (write)
^
mm/page_alloc.c:8599:3: note: Calling 'setup_per_zone_wmarks'
setup_per_zone_wmarks();
^~~~~~~~~~~~~~~~~~~~~~~
mm/page_alloc.c:8499:2: note: Calling '__setup_per_zone_wmarks'
__setup_per_zone_wmarks();
^~~~~~~~~~~~~~~~~~~~~~~~~
mm/page_alloc.c:8427:2: note: 'lowmem_pages' initialized to 0
unsigned long lowmem_pages = 0;
^~~~~~~~~~~~~~~~~~~~~~~~~~
mm/page_alloc.c:8432:2: note: Loop condition is false. Execution continues on line 8437
for_each_zone(zone) {
^
include/linux/mmzone.h:1132:2: note: expanded from macro 'for_each_zone'
for (zone = (first_online_pgdat())->node_zones; \
^
mm/page_alloc.c:8437:2: note: Loop condition is true. Entering loop body
for_each_zone(zone) {
^
include/linux/mmzone.h:1132:2: note: expanded from macro 'for_each_zone'
for (zone = (first_online_pgdat())->node_zones; \
^
mm/page_alloc.c:8440:3: note: Loop condition is false. Exiting loop
spin_lock_irqsave(&zone->lock, flags);
^
include/linux/spinlock.h:379:2: note: expanded from macro 'spin_lock_irqsave'
raw_spin_lock_irqsave(spinlock_check(lock), flags); \
^
include/linux/spinlock.h:240:2: note: expanded from macro 'raw_spin_lock_irqsave'
do { \
^
mm/page_alloc.c:8440:3: note: Loop condition is false. Exiting loop
spin_lock_irqsave(&zone->lock, flags);
^
include/linux/spinlock.h:377:43: note: expanded from macro 'spin_lock_irqsave'
#define spin_lock_irqsave(lock, flags) \
^
mm/page_alloc.c:8442:3: note: The value 0 is assigned to '__base'
do_div(tmp, lowmem_pages);
^
arch/x86/include/asm/div64.h:25:2: note: expanded from macro 'do_div'
__base = (base); \
^~~~~~~~~~~~~~~
mm/page_alloc.c:8442:3: note: Left side of '&&' is false
do_div(tmp, lowmem_pages);
^
arch/x86/include/asm/div64.h:26:35: note: expanded from macro 'do_div'
if (__builtin_constant_p(__base) && is_power_of_2(__base)) { \
^
mm/page_alloc.c:8442:3: note: Assuming '__high' is not equal to 0
do_div(tmp, lowmem_pages);
^
arch/x86/include/asm/div64.h:32:7: note: expanded from macro 'do_div'
if (__high) { \
^~~~~~
mm/page_alloc.c:8442:3: note: Taking true branch
do_div(tmp, lowmem_pages);
^
arch/x86/include/asm/div64.h:32:3: note: expanded from macro 'do_div'
if (__high) { \
^
mm/page_alloc.c:8442:3: note: Division by zero
do_div(tmp, lowmem_pages);
^
arch/x86/include/asm/div64.h:33:21: note: expanded from macro 'do_div'
__upper = __high % (__base); \
~~~~~~~^~~~~~~~~~
Suppressed 43 warnings (42 in non-user code, 1 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
9 warnings generated.
Suppressed 9 warnings (9 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
9 warnings generated.
Suppressed 9 warnings (9 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
9 warnings generated.
Suppressed 9 warnings (9 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
38 warnings generated.
drivers/thermal/intel/intel_menlow.c:309:9: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "%lu", deci_kelvin_to_celsius(value));
^~~~~~~
drivers/thermal/intel/intel_menlow.c:309:9: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "%lu", deci_kelvin_to_celsius(value));
^~~~~~~
drivers/thermal/intel/intel_menlow.c:332:7: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
if (!sscanf(buf, "%d", &value))
^~~~~~
drivers/thermal/intel/intel_menlow.c:332:7: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11
if (!sscanf(buf, "%d", &value))
^~~~~~
>> drivers/thermal/intel/intel_menlow.c:369:9: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "%s\n", bios_enabled ? "enabled" : "disabled");
^~~~~~~
drivers/thermal/intel/intel_menlow.c:369:9: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "%s\n", bios_enabled ? "enabled" : "disabled");
^~~~~~~
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
41 warnings generated.
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
35 warnings generated.
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
16 warnings generated.
Suppressed 16 warnings (16 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
16 warnings generated.
Suppressed 16 warnings (16 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
35 warnings generated.
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
16 warnings generated.
Suppressed 16 warnings (16 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
61 warnings generated.
drivers/base/property.c:1155:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(endpoint, 0, sizeof(*endpoint));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/base/property.c:1155:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(endpoint, 0, sizeof(*endpoint));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
Suppressed 60 warnings (60 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
35 warnings generated.
sound/core/seq/oss/seq_oss_synth.c:208:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(dp->synths, 0, sizeof(dp->synths));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/seq/oss/seq_oss_synth.c:208:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(dp->synths, 0, sizeof(dp->synths));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/seq/oss/seq_oss_synth.c:426:3: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&ev, 0, sizeof(ev));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/seq/oss/seq_oss_synth.c:426:3: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&ev, 0, sizeof(ev));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/seq/oss/seq_oss_synth.c:597:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(ev->data.raw8.d, data, 8);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
sound/core/seq/oss/seq_oss_synth.c:597:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(ev->data.raw8.d, data, 8);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
Suppressed 32 warnings (32 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
37 warnings generated.
sound/core/seq/oss/seq_oss_midi.c:353:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&subs, 0, sizeof(subs));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/seq/oss/seq_oss_midi.c:353:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&subs, 0, sizeof(subs));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/seq/oss/seq_oss_midi.c:399:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&subs, 0, sizeof(subs));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/seq/oss/seq_oss_midi.c:399:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&subs, 0, sizeof(subs));
--
^~~~~~~~
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
15 warnings generated.
Suppressed 15 warnings (15 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
15 warnings generated.
Suppressed 15 warnings (15 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
15 warnings generated.
Suppressed 15 warnings (15 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
35 warnings generated.
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
35 warnings generated.
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
37 warnings generated.
drivers/pci/probe.c:1013:4: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(addr, sizeof(addr), fmt,
^~~~~~~~
drivers/pci/probe.c:1013:4: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(addr, sizeof(addr), fmt,
^~~~~~~~
drivers/pci/probe.c:1447:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(child->name,
^~~~~~~
drivers/pci/probe.c:1447:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(child->name,
^~~~~~~
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
35 warnings generated.
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
35 warnings generated.
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
50 warnings generated.
sound/core/oss/mixer_oss.c:89:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&info, 0, sizeof(info));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/oss/mixer_oss.c:89:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&info, 0, sizeof(info));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/oss/mixer_oss.c:105:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&info, 0, sizeof(info));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/oss/mixer_oss.c:105:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&info, 0, sizeof(info));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/oss/mixer_oss.c:401:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&fmixer, 0, sizeof(fmixer));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/oss/mixer_oss.c:401:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&fmixer, 0, sizeof(fmixer));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/oss/mixer_oss.c:523:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&id, 0, sizeof(id));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/oss/mixer_oss.c:523:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&id, 0, sizeof(id));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/oss/mixer_oss.c:982:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(rslot, 0, sizeof(*rslot));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/oss/mixer_oss.c:982:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(rslot, 0, sizeof(*rslot));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
>> sound/core/oss/mixer_oss.c:999:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(str, "%s Switch", ptr->name);
^~~~~~~
sound/core/oss/mixer_oss.c:999:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(str, "%s Switch", ptr->name);
^~~~~~~
sound/core/oss/mixer_oss.c:1004:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(str, "%s Route", ptr->name);
^~~~~~~
sound/core/oss/mixer_oss.c:1004:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(str, "%s Route", ptr->name);
^~~~~~~
sound/core/oss/mixer_oss.c:1009:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(str, "%s Volume", ptr->name);
^~~~~~~
sound/core/oss/mixer_oss.c:1009:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(str, "%s Volume", ptr->name);
^~~~~~~
sound/core/oss/mixer_oss.c:1014:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(str, "%s Playback Switch", ptr->name);
^~~~~~~
sound/core/oss/mixer_oss.c:1014:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(str, "%s Playback Switch", ptr->name);
^~~~~~~
sound/core/oss/mixer_oss.c:1019:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(str, "%s Playback Route", ptr->name);
^~~~~~~
sound/core/oss/mixer_oss.c:1019:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(str, "%s Playback Route", ptr->name);
^~~~~~~
sound/core/oss/mixer_oss.c:1024:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(str, "%s Playback Volume", ptr->name);
^~~~~~~
sound/core/oss/mixer_oss.c:1024:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(str, "%s Playback Volume", ptr->name);
^~~~~~~
sound/core/oss/mixer_oss.c:1029:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(str, "%s Capture Switch", ptr->name);
^~~~~~~
sound/core/oss/mixer_oss.c:1029:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(str, "%s Capture Switch", ptr->name);
^~~~~~~
sound/core/oss/mixer_oss.c:1034:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(str, "%s Capture Route", ptr->name);
^~~~~~~
sound/core/oss/mixer_oss.c:1034:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(str, "%s Capture Route", ptr->name);
^~~~~~~
sound/core/oss/mixer_oss.c:1039:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(str, "%s Capture Volume", ptr->name);
^~~~~~~
sound/core/oss/mixer_oss.c:1039:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(str, "%s Capture Volume", ptr->name);
^~~~~~~
sound/core/oss/mixer_oss.c:1067:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&slot, 0, sizeof(slot));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/oss/mixer_oss.c:1067:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&slot, 0, sizeof(slot));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/oss/mixer_oss.c:1068:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(slot.numid, 0xff, sizeof(slot.numid)); /* ID_UNKNOWN */
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/oss/mixer_oss.c:1068:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(slot.numid, 0xff, sizeof(slot.numid)); /* ID_UNKNOWN */
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/oss/mixer_oss.c:1089:3: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcpy(str, ptr->name);
^~~~~~
sound/core/oss/mixer_oss.c:1089:3: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
strcpy(str, ptr->name);
^~~~~~
sound/core/oss/mixer_oss.c:1397:4: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(mixer->name, sizeof(mixer->name),
^~~~~~~~
sound/core/oss/mixer_oss.c:1397:4: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(mixer->name, sizeof(mixer->name),
^~~~~~~~
Suppressed 32 warnings (32 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
38 warnings generated.
sound/isa/es1688/es1688_lib.c:602:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(tmp, "ES%s688 rev %i", chip->hardware == ES1688_HW_688 ? "" : "1", chip->version & 0x0f);
^~~~~~~
sound/isa/es1688/es1688_lib.c:602:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(tmp, "ES%s688 rev %i", chip->hardware == ES1688_HW_688 ? "" : "1", chip->version & 0x0f);
^~~~~~~
sound/isa/es1688/es1688_lib.c:706:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcpy(pcm->name, snd_es1688_chip_id(chip));
--
^~~~~~~~~~~~~~~~~~
fs/nfs/callback_xdr.c:875:11: note: Calling 'decode_op_hdr'
status = decode_op_hdr(&rqstp->rq_arg_stream, &op_nr);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/nfs/callback_xdr.c:170:15: note: Assuming 'p' is equal to null
if (unlikely(p == NULL))
^
include/linux/compiler.h:78:42: note: expanded from macro 'unlikely'
# define unlikely(x) __builtin_expect(!!(x), 0)
^
fs/nfs/callback_xdr.c:170:2: note: Taking true branch
if (unlikely(p == NULL))
^
fs/nfs/callback_xdr.c:171:3: note: Returning without writing to '*op'
return htonl(NFS4ERR_RESOURCE_HDR);
^
fs/nfs/callback_xdr.c:875:11: note: Returning from 'decode_op_hdr'
status = decode_op_hdr(&rqstp->rq_arg_stream, &op_nr);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/nfs/callback_xdr.c:876:6: note: Assuming 'status' is 0
if (unlikely(status))
^
include/linux/compiler.h:78:40: note: expanded from macro 'unlikely'
# define unlikely(x) __builtin_expect(!!(x), 0)
^~~~
fs/nfs/callback_xdr.c:876:2: note: Taking false branch
if (unlikely(status))
^
fs/nfs/callback_xdr.c:879:2: note: Control jumps to the 'default' case at line 889
switch (cps->minorversion) {
^
fs/nfs/callback_xdr.c:893:6: note: Assuming the condition is false
if (status == htonl(NFS4ERR_OP_ILLEGAL))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/nfs/callback_xdr.c:893:2: note: Taking false branch
if (status == htonl(NFS4ERR_OP_ILLEGAL))
^
fs/nfs/callback_xdr.c:895:6: note: Assuming 'status' is not equal to 0
if (status)
^~~~~~
fs/nfs/callback_xdr.c:895:2: note: Taking true branch
if (status)
^
fs/nfs/callback_xdr.c:896:3: note: Control jumps to line 914
goto encode_hdr;
^
fs/nfs/callback_xdr.c:914:8: note: 2nd function call argument is an uninitialized value
res = encode_op_hdr(xdr_out, op_nr, status);
^ ~~~~~
Suppressed 88 warnings (88 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
42 warnings generated.
sound/core/oss/pcm_oss.c:922:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(params, sparams, sizeof(*params));
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
sound/core/oss/pcm_oss.c:922:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(params, sparams, sizeof(*params));
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
sound/core/oss/pcm_oss.c:2201:3: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&info, 0, sizeof(info));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/oss/pcm_oss.c:2201:3: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&info, 0, sizeof(info));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/oss/pcm_oss.c:2513:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(setup, 0, sizeof(setup));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/oss/pcm_oss.c:2513:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(setup, 0, sizeof(setup));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/oss/pcm_oss.c:2869:4: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&ofile, 0, sizeof(ofile));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/core/oss/pcm_oss.c:2869:4: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&ofile, 0, sizeof(ofile));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
>> sound/core/oss/pcm_oss.c:3150:3: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(name, "%s%s", pcm->name, duplex ? " (DUPLEX)" : "");
^~~~~~~
sound/core/oss/pcm_oss.c:3150:3: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(name, "%s%s", pcm->name, duplex ? " (DUPLEX)" : "");
^~~~~~~
Suppressed 37 warnings (37 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
63 warnings generated.
include/linux/list.h:88:2: warning: Use of memory after it is freed [clang-analyzer-unix.Malloc]
__list_add(new, head, head->next);
^
kernel/audit_watch.c:476:19: note: Assuming 'audit_watch_group' is equal to field 'group'
if (WARN_ON_ONCE(inode_mark->group != audit_watch_group))
^
include/asm-generic/bug.h:104:25: note: expanded from macro 'WARN_ON_ONCE'
int __ret_warn_on = !!(condition); \
^~~~~~~~~
kernel/audit_watch.c:476:6: note: Taking false branch
if (WARN_ON_ONCE(inode_mark->group != audit_watch_group))
^
include/asm-generic/bug.h:105:2: note: expanded from macro 'WARN_ON_ONCE'
if (unlikely(__ret_warn_on)) \
^
kernel/audit_watch.c:476:2: note: Taking false branch
if (WARN_ON_ONCE(inode_mark->group != audit_watch_group))
^
kernel/audit_watch.c:479:6: note: Assuming the condition is true
if (mask & (FS_CREATE|FS_MOVED_TO) && inode)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kernel/audit_watch.c:479:6: note: Left side of '&&' is true
kernel/audit_watch.c:479:40: note: Assuming 'inode' is non-null
if (mask & (FS_CREATE|FS_MOVED_TO) && inode)
^~~~~
kernel/audit_watch.c:479:2: note: Taking true branch
if (mask & (FS_CREATE|FS_MOVED_TO) && inode)
^
kernel/audit_watch.c:480:3: note: Calling 'audit_update_watch'
audit_update_watch(parent, dname, inode->i_sb->s_dev, inode->i_ino, 0);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kernel/audit_watch.c:256:2: note: Loop condition is true. Entering loop body
list_for_each_entry_safe(owatch, nextw, &parent->watches, wlist) {
^
include/linux/list.h:725:2: note: expanded from macro 'list_for_each_entry_safe'
for (pos = list_first_entry(head, typeof(*pos), member), \
^
kernel/audit_watch.c:257:7: note: Assuming the condition is false
if (audit_compare_dname_path(dname, owatch->path,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kernel/audit_watch.c:257:3: note: Taking false branch
if (audit_compare_dname_path(dname, owatch->path,
^
kernel/audit_watch.c:263:7: note: 'invalidating' is 0
if (invalidating && !audit_dummy_context())
^~~~~~~~~~~~
kernel/audit_watch.c:263:20: note: Left side of '&&' is false
if (invalidating && !audit_dummy_context())
^
kernel/audit_watch.c:269:3: note: Taking false branch
if (IS_ERR(nwatch)) {
^
kernel/audit_watch.c:277:3: note: Loop condition is false. Execution continues on line 309
list_for_each_entry_safe(r, nextr, &owatch->rules, rlist) {
^
include/linux/list.h:725:2: note: expanded from macro 'list_for_each_entry_safe'
for (pos = list_first_entry(head, typeof(*pos), member), \
^
kernel/audit_watch.c:309:3: note: Calling 'audit_remove_watch'
audit_remove_watch(owatch);
^~~~~~~~~~~~~~~~~~~~~~~~~~
kernel/audit_watch.c:120:2: note: Calling 'audit_put_watch'
audit_put_watch(watch); /* match initial get */
^~~~~~~~~~~~~~~~~~~~~~
kernel/audit_watch.c:107:2: note: Taking true branch
if (refcount_dec_and_test(&watch->count)) {
^
kernel/audit_watch.c:108:3: note: Taking false branch
WARN_ON(watch->parent);
^
include/asm-generic/bug.h:122:2: note: expanded from macro 'WARN_ON'
if (unlikely(__ret_warn_on)) \
^
kernel/audit_watch.c:109:3: note: Assuming '__ret_warn_on' is 0
WARN_ON(!list_empty(&watch->rules));
^
include/asm-generic/bug.h:122:6: note: expanded from macro 'WARN_ON'
if (unlikely(__ret_warn_on)) \
^~~~~~~~~~~~~~~~~~~~~~~
include/linux/compiler.h:78:40: note: expanded from macro 'unlikely'
# define unlikely(x) __builtin_expect(!!(x), 0)
^~~~
kernel/audit_watch.c:109:3: note: Taking false branch
WARN_ON(!list_empty(&watch->rules));
^
include/asm-generic/bug.h:122:2: note: expanded from macro 'WARN_ON'
if (unlikely(__ret_warn_on)) \
^
kernel/audit_watch.c:111:3: note: Memory is released
kfree(watch);
^~~~~~~~~~~~
kernel/audit_watch.c:120:2: note: Returning; memory was released
--
^~~~~~~~~~~~~~~~
crypto/gcm.c:735:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(iv, ctx->nonce, 4);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
crypto/gcm.c:736:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(iv + 4, req->iv, 8);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
crypto/gcm.c:736:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(iv + 4, req->iv, 8);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
crypto/gcm.c:863:6: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
if (snprintf(inst->alg.base.cra_name, CRYPTO_MAX_ALG_NAME,
^~~~~~~~
crypto/gcm.c:863:6: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
if (snprintf(inst->alg.base.cra_name, CRYPTO_MAX_ALG_NAME,
^~~~~~~~
crypto/gcm.c:866:6: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(inst->alg.base.cra_driver_name, CRYPTO_MAX_ALG_NAME,
^~~~~~~~
crypto/gcm.c:866:6: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(inst->alg.base.cra_driver_name, CRYPTO_MAX_ALG_NAME,
^~~~~~~~
crypto/gcm.c:909:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(ctx->nonce, key + keylen, 4);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
crypto/gcm.c:909:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(ctx->nonce, key + keylen, 4);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
crypto/gcm.c:945:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(iv, ctx->nonce, 4);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
crypto/gcm.c:945:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(iv, ctx->nonce, 4);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
crypto/gcm.c:946:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(iv + 4, req->iv, 8);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
crypto/gcm.c:946:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(iv + 4, req->iv, 8);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
crypto/gcm.c:1078:6: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
if (snprintf(inst->alg.base.cra_name, CRYPTO_MAX_ALG_NAME,
^~~~~~~~
crypto/gcm.c:1078:6: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
if (snprintf(inst->alg.base.cra_name, CRYPTO_MAX_ALG_NAME,
^~~~~~~~
crypto/gcm.c:1081:6: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(inst->alg.base.cra_driver_name, CRYPTO_MAX_ALG_NAME,
^~~~~~~~
crypto/gcm.c:1081:6: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(inst->alg.base.cra_driver_name, CRYPTO_MAX_ALG_NAME,
^~~~~~~~
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
22 warnings generated.
sound/synth/emux/emux_oss.c:63:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcpy(dev->name, emu->name);
^~~~~~
sound/synth/emux/emux_oss.c:63:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
strcpy(dev->name, emu->name);
^~~~~~
sound/synth/emux/emux_oss.c:110:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&callback, 0, sizeof(callback));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/synth/emux/emux_oss.c:110:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&callback, 0, sizeof(callback));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
>> sound/synth/emux/emux_oss.c:114:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(tmpname, "%s OSS Port", emu->name);
^~~~~~~
sound/synth/emux/emux_oss.c:114:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(tmpname, "%s OSS Port", emu->name);
^~~~~~~
sound/synth/emux/emux_oss.c:484:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&ev, 0, sizeof(ev));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/synth/emux/emux_oss.c:484:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&ev, 0, sizeof(ev));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
Suppressed 18 warnings (18 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
68 warnings generated.
net/ax25/ax25_in.c:393:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(ax25->digipeat, &reverse_dp, sizeof(ax25_digi));
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
net/ax25/ax25_in.c:393:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(ax25->digipeat, &reverse_dp, sizeof(ax25_digi));
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
Suppressed 67 warnings (67 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
38 warnings generated.
sound/isa/cmi8328.c:154:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&id1, 0, sizeof(id1));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/isa/cmi8328.c:154:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&id1, 0, sizeof(id1));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/isa/cmi8328.c:155:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&id2, 0, sizeof(id2));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/isa/cmi8328.c:155:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&id2, 0, sizeof(id2));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/isa/cmi8328.c:367:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(card->longname, "%s at 0x%lx, irq %d, dma %d,%d",
^~~~~~~
sound/isa/cmi8328.c:367:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(card->longname, "%s at 0x%lx, irq %d, dma %d,%d",
^~~~~~~
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
64 warnings generated.
Suppressed 64 warnings (64 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
64 warnings generated.
Suppressed 64 warnings (64 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
47 warnings generated.
Suppressed 47 warnings (47 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
43 warnings generated.
Suppressed 43 warnings (43 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
43 warnings generated.
Suppressed 43 warnings (43 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
43 warnings generated.
Suppressed 43 warnings (43 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
35 warnings generated.
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
35 warnings generated.
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
37 warnings generated.
arch/x86/pci/mmconfig-shared.c:91:2: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(new->name, PCI_MMCFG_RESOURCE_NAME_LEN,
^~~~~~~~
arch/x86/pci/mmconfig-shared.c:91:2: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(new->name, PCI_MMCFG_RESOURCE_NAME_LEN,
^~~~~~~~
arch/x86/pci/mmconfig-shared.c:479:3: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(cfg->name, PCI_MMCFG_RESOURCE_NAME_LEN,
--
^
drivers/of/property.c:1456:22: warning: Value stored to 'con_np' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct device_node *con_np = to_of_node(fwnode);
^~~~~~
drivers/of/property.c:1456:22: note: Value stored to 'con_np' during its initialization is never read
struct device_node *con_np = to_of_node(fwnode);
^~~~~~
Suppressed 22 warnings (22 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
68 warnings generated.
net/core/net_namespace.c:115:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(&ng->ptr[MIN_PERNET_OPS_ID], &old_ng->ptr[MIN_PERNET_OPS_ID],
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
net/core/net_namespace.c:115:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(&ng->ptr[MIN_PERNET_OPS_ID], &old_ng->ptr[MIN_PERNET_OPS_ID],
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
Suppressed 67 warnings (67 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
34 warnings generated.
drivers/fpga/dfl.c:309:9: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "0x%x\n", ddev->type);
^~~~~~~
drivers/fpga/dfl.c:309:9: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "0x%x\n", ddev->type);
^~~~~~~
drivers/fpga/dfl.c:318:9: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "0x%x\n", ddev->feature_id);
^~~~~~~
drivers/fpga/dfl.c:318:9: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "0x%x\n", ddev->feature_id);
^~~~~~~
Suppressed 32 warnings (32 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
35 warnings generated.
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
69 warnings generated.
drivers/net/hamradio/hdlcdrv.c:150:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(cp, s->hdlcrx.buffer, pkt_len - 1);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
drivers/net/hamradio/hdlcdrv.c:150:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(cp, s->hdlcrx.buffer, pkt_len - 1);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
drivers/net/hamradio/hdlcdrv.c:678:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(dev->broadcast, &ax25_bcast, AX25_ADDR_LEN);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
drivers/net/hamradio/hdlcdrv.c:678:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(dev->broadcast, &ax25_bcast, AX25_ADDR_LEN);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
Suppressed 67 warnings (67 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
35 warnings generated.
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
36 warnings generated.
sound/virtio/virtio_pcm.c:428:3: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(vpcm->pcm->name, sizeof(vpcm->pcm->name),
^~~~~~~~
sound/virtio/virtio_pcm.c:428:3: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(vpcm->pcm->name, sizeof(vpcm->pcm->name),
^~~~~~~~
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
38 warnings generated.
sound/virtio/virtio_pcm_msg.c:224:3: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&msg->status, 0, sizeof(msg->status));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/virtio/virtio_pcm_msg.c:224:3: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&msg->status, 0, sizeof(msg->status));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
Suppressed 37 warnings (37 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
35 warnings generated.
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
36 warnings generated.
>> sound/isa/ad1816a/ad1816a.c:150:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(card->longname, "%s, SS at 0x%lx, irq %d, dma %d&%d",
^~~~~~~
sound/isa/ad1816a/ad1816a.c:150:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(card->longname, "%s, SS at 0x%lx, irq %d, dma %d&%d",
^~~~~~~
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
32 warnings generated.
Suppressed 32 warnings (32 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
32 warnings generated.
Suppressed 32 warnings (32 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
35 warnings generated.
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
37 warnings generated.
arch/x86/pci/irq.c:132:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(busmap, 0, sizeof(busmap));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
arch/x86/pci/irq.c:132:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(busmap, 0, sizeof(busmap));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
arch/x86/pci/irq.c:1409:3: warning: Value stored to 'rtable' is never read [clang-analyzer-deadcode.DeadStores]
rtable = pirq_table;
^ ~~~~~~~~~~
arch/x86/pci/irq.c:1409:3: note: Value stored to 'rtable' is never read
rtable = pirq_table;
^ ~~~~~~~~~~
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
35 warnings generated.
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
35 warnings generated.
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
36 warnings generated.
arch/x86/pci/bus_numa.c:80:2: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(info->name, "PCI Bus #%02x", bus_min);
^~~~~~~
arch/x86/pci/bus_numa.c:80:2: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(info->name, "PCI Bus #%02x", bus_min);
^~~~~~~
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
36 warnings generated.
sound/isa/sb/sb_mixer.c:721:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcpy(card->mixername, name);
^~~~~~
sound/isa/sb/sb_mixer.c:721:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
strcpy(card->mixername, name);
^~~~~~
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
36 warnings generated.
sound/isa/sb/sb16_main.c:843:2: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(pcm->name, "DSP v%i.%i", chip->version >> 8, chip->version & 0xff);
^~~~~~~
sound/isa/sb/sb16_main.c:843:2: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(pcm->name, "DSP v%i.%i", chip->version >> 8, chip->version & 0xff);
^~~~~~~
Suppressed 35 warnings (35 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
40 warnings generated.
Suppressed 40 warnings (40 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
27 warnings generated.
sound/isa/sb/emu8000.c:1031:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(emu->controls, 0, sizeof(emu->controls));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
sound/isa/sb/emu8000.c:1031:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(emu->controls, 0, sizeof(emu->controls));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
Suppressed 26 warnings (26 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
23 warnings generated.
drivers/iio/chemical/bme680_core.c:741:2: warning: Value stored to 'ret' is never read [clang-analyzer-deadcode.DeadStores]
ret = regmap_read(data->regmap, BME680_REG_MEAS_STAT_0, &check);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/iio/chemical/bme680_core.c:741:2: note: Value stored to 'ret' is never read
ret = regmap_read(data->regmap, BME680_REG_MEAS_STAT_0, &check);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Suppressed 22 warnings (22 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
41 warnings generated.
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
vim +304 drivers/net/hamradio/baycom_epp.c
^1da177e4c3f41 Linus Torvalds 2005-04-16 290
^1da177e4c3f41 Linus Torvalds 2005-04-16 291 /* eppconfig: called during ifconfig up to configure the modem */
^1da177e4c3f41 Linus Torvalds 2005-04-16 292 static int eppconfig(struct baycom_state *bc)
^1da177e4c3f41 Linus Torvalds 2005-04-16 293 {
^1da177e4c3f41 Linus Torvalds 2005-04-16 294 char modearg[256];
^1da177e4c3f41 Linus Torvalds 2005-04-16 295 char portarg[16];
377e7a27c049d6 Greg Kroah-Hartman 2016-12-11 296 char *argv[] = {
377e7a27c049d6 Greg Kroah-Hartman 2016-12-11 297 (char *)eppconfig_path,
377e7a27c049d6 Greg Kroah-Hartman 2016-12-11 298 "-s",
377e7a27c049d6 Greg Kroah-Hartman 2016-12-11 299 "-p", portarg,
377e7a27c049d6 Greg Kroah-Hartman 2016-12-11 300 "-m", modearg,
^1da177e4c3f41 Linus Torvalds 2005-04-16 301 NULL };
^1da177e4c3f41 Linus Torvalds 2005-04-16 302
^1da177e4c3f41 Linus Torvalds 2005-04-16 303 /* set up arguments */
^1da177e4c3f41 Linus Torvalds 2005-04-16 @304 sprintf(modearg, "%sclk,%smodem,fclk=%d,bps=%d,divider=%d%s,extstat",
^1da177e4c3f41 Linus Torvalds 2005-04-16 305 bc->cfg.intclk ? "int" : "ext",
^1da177e4c3f41 Linus Torvalds 2005-04-16 306 bc->cfg.extmodem ? "ext" : "int", bc->cfg.fclk, bc->cfg.bps,
^1da177e4c3f41 Linus Torvalds 2005-04-16 307 (bc->cfg.fclk + 8 * bc->cfg.bps) / (16 * bc->cfg.bps),
^1da177e4c3f41 Linus Torvalds 2005-04-16 308 bc->cfg.loopback ? ",loopback" : "");
^1da177e4c3f41 Linus Torvalds 2005-04-16 309 sprintf(portarg, "%ld", bc->pdev->port->base);
^1da177e4c3f41 Linus Torvalds 2005-04-16 310 printk(KERN_DEBUG "%s: %s -s -p %s -m %s\n", bc_drvname, eppconfig_path, portarg, modearg);
^1da177e4c3f41 Linus Torvalds 2005-04-16 311
86313c488a6848 Jeremy Fitzhardinge 2007-07-17 312 return call_usermodehelper(eppconfig_path, argv, envp, UMH_WAIT_PROC);
^1da177e4c3f41 Linus Torvalds 2005-04-16 313 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 314
:::::: The code at line 304 was first introduced by commit
:::::: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Linux-2.6.12-rc2
:::::: TO: Linus Torvalds <torvalds@ppc970.osdl.org>
:::::: CC: Linus Torvalds <torvalds@ppc970.osdl.org>
--
0-DAY CI Kernel Test Service
https://01.org/lkp
^ permalink raw reply [flat|nested] 2+ messages in thread
* drivers/net/hamradio/baycom_epp.c:304:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments...
@ 2022-08-07 19:58 kernel test robot
0 siblings, 0 replies; 2+ messages in thread
From: kernel test robot @ 2022-08-07 19:58 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 20794 bytes --]
::::::
:::::: Manual check reason: "low confidence static check first_new_problem: drivers/net/hamradio/baycom_epp.c:304:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]"
::::::
BCC: lkp(a)intel.com
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
CC: linux-kernel(a)vger.kernel.org
TO: Arnd Bergmann <arnd@arndb.de>
CC: Masahiro Yamada <masahiroy@kernel.org>
CC: Alex Shi <alexs@kernel.org>
CC: Nick Desaulniers <ndesaulniers@google.com>
CC: Miguel Ojeda <ojeda@kernel.org>
CC: Nathan Chancellor <nathan@kernel.org>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 1612c382ffbdf1f673caec76502b1c00e6d35363
commit: e8c07082a810fbb9db303a2b66b66b8d7e588b53 Kbuild: move to -std=gnu11
date: 5 months ago
:::::: branch date: 19 hours ago
:::::: commit date: 5 months ago
config: arm-randconfig-c002-20220801 (https://download.01.org/0day-ci/archive/20220808/202208080339.KIBRJwhx-lkp(a)intel.com/config)
compiler: clang version 16.0.0 (https://github.com/llvm/llvm-project 52cd00cabf479aa7eb6dbb063b7ba41ea57bce9e)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install arm cross compiling tool for clang build
# apt-get install binutils-arm-linux-gnueabi
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e8c07082a810fbb9db303a2b66b66b8d7e588b53
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout e8c07082a810fbb9db303a2b66b66b8d7e588b53
# save the config file
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=arm clang-analyzer
If you fix the issue, kindly add following tag where applicable
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
^
drivers/md/bcache/btree.c:764:2: note: Loop condition is true. Entering loop body
while (!list_empty(&c->btree_cache_freed)) {
^
drivers/md/bcache/btree.c:769:3: note: Memory is released
kfree(b);
^~~~~~~~
drivers/md/bcache/btree.c:764:2: note: Loop condition is true. Entering loop body
while (!list_empty(&c->btree_cache_freed)) {
^
drivers/md/bcache/btree.c:767:3: note: Calling 'list_del'
list_del(&b->list);
^~~~~~~~~~~~~~~~~~
include/linux/list.h:148:2: note: Calling '__list_del_entry'
__list_del_entry(entry);
^~~~~~~~~~~~~~~~~~~~~~~
include/linux/list.h:134:6: note: Assuming the condition is false
if (!__list_del_entry_valid(entry))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/list.h:134:2: note: Taking false branch
if (!__list_del_entry_valid(entry))
^
include/linux/list.h:137:13: note: Use of memory after it is freed
__list_del(entry->prev, entry->next);
^~~~~~~~~~~
include/linux/list.h:149:14: warning: Use of memory after it is freed [clang-analyzer-unix.Malloc]
entry->next = LIST_POISON1;
^
drivers/md/bcache/btree.c:734:6: note: Assuming field 'next' is null
if (c->shrink.list.next)
^~~~~~~~~~~~~~~~~~~
drivers/md/bcache/btree.c:734:2: note: Taking false branch
if (c->shrink.list.next)
^
drivers/md/bcache/btree.c:740:6: note: Assuming field 'verify_data' is null
if (c->verify_data)
^~~~~~~~~~~~~~
drivers/md/bcache/btree.c:740:2: note: Taking false branch
if (c->verify_data)
^
drivers/md/bcache/btree.c:743:47: note: '?' condition is false
free_pages((unsigned long) c->verify_ondisk, ilog2(meta_bucket_pages(&c->cache->sb)));
^
include/linux/log2.h:158:2: note: expanded from macro 'ilog2'
__builtin_constant_p(n) ? \
^
drivers/md/bcache/btree.c:743:47: note: '?' condition is true
free_pages((unsigned long) c->verify_ondisk, ilog2(meta_bucket_pages(&c->cache->sb)));
^
include/linux/log2.h:161:2: note: expanded from macro 'ilog2'
(sizeof(n) <= 4) ? \
^
drivers/md/bcache/btree.c:749:2: note: Loop condition is false. Execution continues on line 764
while (!list_empty(&c->btree_cache)) {
^
drivers/md/bcache/btree.c:764:2: note: Loop condition is true. Entering loop body
while (!list_empty(&c->btree_cache_freed)) {
^
drivers/md/bcache/btree.c:769:3: note: Memory is released
kfree(b);
^~~~~~~~
drivers/md/bcache/btree.c:764:2: note: Loop condition is true. Entering loop body
while (!list_empty(&c->btree_cache_freed)) {
^
drivers/md/bcache/btree.c:767:3: note: Calling 'list_del'
list_del(&b->list);
^~~~~~~~~~~~~~~~~~
include/linux/list.h:149:14: note: Use of memory after it is freed
entry->next = LIST_POISON1;
~~~~~~~~~~~ ^
Suppressed 46 warnings (46 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
66 warnings generated.
drivers/net/hamradio/baycom_par.c:319:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&bc->modem, 0, sizeof(bc->modem));
^~~~~~
drivers/net/hamradio/baycom_par.c:319:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&bc->modem, 0, sizeof(bc->modem));
^~~~~~
drivers/net/hamradio/baycom_par.c:321:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&par_cb, 0, sizeof(par_cb));
^~~~~~
drivers/net/hamradio/baycom_par.c:321:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&par_cb, 0, sizeof(par_cb));
^~~~~~
drivers/net/hamradio/baycom_par.c:430:3: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcpy(hi->data.modename, bc->options ? "par96" : "picpar");
^~~~~~
drivers/net/hamradio/baycom_par.c:430:3: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
strcpy(hi->data.modename, bc->options ? "par96" : "picpar");
^~~~~~
drivers/net/hamradio/baycom_par.c:528:3: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(ifname, "bcp%d", i);
^~~~~~~
drivers/net/hamradio/baycom_par.c:528:3: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(ifname, "bcp%d", i);
^~~~~~~
Suppressed 62 warnings (62 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
82 warnings generated.
>> drivers/net/hamradio/baycom_epp.c:304:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(modearg, "%sclk,%smodem,fclk=%d,bps=%d,divider=%d%s,extstat",
^~~~~~~
drivers/net/hamradio/baycom_epp.c:304:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(modearg, "%sclk,%smodem,fclk=%d,bps=%d,divider=%d%s,extstat",
^~~~~~~
drivers/net/hamradio/baycom_epp.c:309:2: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(portarg, "%ld", bc->pdev->port->base);
^~~~~~~
drivers/net/hamradio/baycom_epp.c:309:2: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(portarg, "%ld", bc->pdev->port->base);
^~~~~~~
drivers/net/hamradio/baycom_epp.c:458:4: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(tmp, 0x7e, sizeof(tmp));
^~~~~~
drivers/net/hamradio/baycom_epp.c:458:4: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(tmp, 0x7e, sizeof(tmp));
^~~~~~
drivers/net/hamradio/baycom_epp.c:494:5: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(tmp, 0x7e, sizeof(tmp));
^~~~~~
drivers/net/hamradio/baycom_epp.c:494:5: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(tmp, 0x7e, sizeof(tmp));
^~~~~~
drivers/net/hamradio/baycom_epp.c:511:4: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(tmp, 0, sizeof(tmp));
^~~~~~
drivers/net/hamradio/baycom_epp.c:511:4: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(tmp, 0, sizeof(tmp));
^~~~~~
drivers/net/hamradio/baycom_epp.c:545:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(cp, bc->hdlcrx.buf, pktlen - 1);
^~~~~~
drivers/net/hamradio/baycom_epp.c:545:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(cp, bc->hdlcrx.buf, pktlen - 1);
^~~~~~
drivers/net/hamradio/baycom_epp.c:603:34: warning: The result of the left shift is undefined because the left operand is negative [clang-analyzer-core.UndefinedBinaryOperatorResult]
bitbuf = (bitbuf & ((~0xff) << j)) | ((bitbuf & ~((~0xff) << j)) << 1);
^
drivers/net/hamradio/baycom_epp.c:649:6: note: Assuming field 'work_running' is not equal to 0
if (!bc->work_running)
^~~~~~~~~~~~~~~~~
drivers/net/hamradio/baycom_epp.c:649:2: note: Taking false branch
if (!bc->work_running)
^
drivers/net/hamradio/baycom_epp.c:654:6: note: Assuming the condition is false
if (pp->ops->epp_read_addr(pp, &stat, 1, 0) != 1)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/net/hamradio/baycom_epp.c:654:2: note: Taking false branch
if (pp->ops->epp_read_addr(pp, &stat, 1, 0) != 1)
^
drivers/net/hamradio/baycom_epp.c:659:6: note: Assuming field 'modem' is not equal to EPP_FPGAEXTSTATUS
if (bc->modem == EPP_FPGAEXTSTATUS) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/net/hamradio/baycom_epp.c:659:2: note: Taking false branch
if (bc->modem == EPP_FPGAEXTSTATUS) {
^
drivers/net/hamradio/baycom_epp.c:690:3: note: Control jumps to the 'default' case at line 703
switch (stat & (EPP_NTAEF|EPP_NTHF)) {
^
drivers/net/hamradio/baycom_epp.c:705:4: note: Execution continues on line 707
break;
^
drivers/net/hamradio/baycom_epp.c:707:3: note: Taking false branch
if (transmit(bc, cnt, stat))
^
drivers/net/hamradio/baycom_epp.c:711:10: note: Assuming the condition is true
while ((stat & (EPP_NRAEF|EPP_NRHF)) != EPP_NRHF) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/net/hamradio/baycom_epp.c:711:3: note: Loop condition is true. Entering loop body
while ((stat & (EPP_NRAEF|EPP_NRHF)) != EPP_NRHF) {
^
drivers/net/hamradio/baycom_epp.c:712:4: note: Control jumps to the 'default' case at line 721
switch (stat & (EPP_NRAEF|EPP_NRHF)) {
^
drivers/net/hamradio/baycom_epp.c:723:5: note: Execution continues on line 725
break;
^
drivers/net/hamradio/baycom_epp.c:725:8: note: Calling 'receive'
if (receive(dev, cnt))
^~~~~~~~~~~~~~~~~
drivers/net/hamradio/baycom_epp.c:565:2: note: Loop condition is true. Entering loop body
while (cnt > 0) {
^
drivers/net/hamradio/baycom_epp.c:566:10: note: '?' condition is true
cnt2 = (cnt > sizeof(tmp)) ? sizeof(tmp) : cnt;
^
drivers/net/hamradio/baycom_epp.c:568:7: note: Assuming the condition is false
if (cnt2 != pp->ops->epp_read_data(pp, tmp, cnt2, 0)) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/net/hamradio/baycom_epp.c:568:3: note: Taking false branch
if (cnt2 != pp->ops->epp_read_data(pp, tmp, cnt2, 0)) {
^
drivers/net/hamradio/baycom_epp.c:573:3: note: Loop condition is true. Entering loop body
for (; cnt2 > 0; cnt2--, cp++) {
^
drivers/net/hamradio/baycom_epp.c:580:4: note: Loop condition is true. Entering loop body
for (j = 0; j < 8; j++) {
^
drivers/net/hamradio/baycom_epp.c:583:25: note: Assuming the condition is false
if (unlikely(!(notbitstream & (0x0fc << j)))) {
vim +304 drivers/net/hamradio/baycom_epp.c
^1da177e4c3f41 Linus Torvalds 2005-04-16 290
^1da177e4c3f41 Linus Torvalds 2005-04-16 291 /* eppconfig: called during ifconfig up to configure the modem */
^1da177e4c3f41 Linus Torvalds 2005-04-16 292 static int eppconfig(struct baycom_state *bc)
^1da177e4c3f41 Linus Torvalds 2005-04-16 293 {
^1da177e4c3f41 Linus Torvalds 2005-04-16 294 char modearg[256];
^1da177e4c3f41 Linus Torvalds 2005-04-16 295 char portarg[16];
377e7a27c049d6 Greg Kroah-Hartman 2016-12-11 296 char *argv[] = {
377e7a27c049d6 Greg Kroah-Hartman 2016-12-11 297 (char *)eppconfig_path,
377e7a27c049d6 Greg Kroah-Hartman 2016-12-11 298 "-s",
377e7a27c049d6 Greg Kroah-Hartman 2016-12-11 299 "-p", portarg,
377e7a27c049d6 Greg Kroah-Hartman 2016-12-11 300 "-m", modearg,
^1da177e4c3f41 Linus Torvalds 2005-04-16 301 NULL };
^1da177e4c3f41 Linus Torvalds 2005-04-16 302
^1da177e4c3f41 Linus Torvalds 2005-04-16 303 /* set up arguments */
^1da177e4c3f41 Linus Torvalds 2005-04-16 @304 sprintf(modearg, "%sclk,%smodem,fclk=%d,bps=%d,divider=%d%s,extstat",
^1da177e4c3f41 Linus Torvalds 2005-04-16 305 bc->cfg.intclk ? "int" : "ext",
^1da177e4c3f41 Linus Torvalds 2005-04-16 306 bc->cfg.extmodem ? "ext" : "int", bc->cfg.fclk, bc->cfg.bps,
^1da177e4c3f41 Linus Torvalds 2005-04-16 307 (bc->cfg.fclk + 8 * bc->cfg.bps) / (16 * bc->cfg.bps),
^1da177e4c3f41 Linus Torvalds 2005-04-16 308 bc->cfg.loopback ? ",loopback" : "");
^1da177e4c3f41 Linus Torvalds 2005-04-16 309 sprintf(portarg, "%ld", bc->pdev->port->base);
^1da177e4c3f41 Linus Torvalds 2005-04-16 310 printk(KERN_DEBUG "%s: %s -s -p %s -m %s\n", bc_drvname, eppconfig_path, portarg, modearg);
^1da177e4c3f41 Linus Torvalds 2005-04-16 311
86313c488a6848 Jeremy Fitzhardinge 2007-07-17 312 return call_usermodehelper(eppconfig_path, argv, envp, UMH_WAIT_PROC);
^1da177e4c3f41 Linus Torvalds 2005-04-16 313 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 314
:::::: The code at line 304 was first introduced by commit
:::::: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Linux-2.6.12-rc2
:::::: TO: Linus Torvalds <torvalds@ppc970.osdl.org>
:::::: CC: Linus Torvalds <torvalds@ppc970.osdl.org>
--
0-DAY CI Kernel Test Service
https://01.org/lkp
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-08-07 19:58 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-03-28 17:21 drivers/net/hamradio/baycom_epp.c:304:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments kernel test robot
2022-08-07 19:58 kernel test robot
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.