Hello Luciano Coelho, The patch f5fc0f86b02a: "wl1271: add wl1271 driver files" from Aug 6, 2009, leads to the following static checker warning: drivers/net/wireless/ti/wlcore/cmd.c:894 wlcore_cmd_configure_failsafe() warn: is 'buf' large enough for 'struct acx_header'? drivers/net/wireless/ti/wlcore/cmd.c 886 int wlcore_cmd_configure_failsafe(struct wl1271 *wl, u16 id, void *buf, 887 size_t len, unsigned long valid_rets) 888 { 889 struct acx_header *acx = buf; 890 int ret; 891 892 wl1271_debug(DEBUG_CMD, "cmd configure (%d)", id); 893 894 acx->id = cpu_to_le16(id); "len" is the size of the "buf" buffer. The warning is because wl1271_tm_cmd_test() and friends check if len is too large but they don't check if it's too small. 895 896 /* payload length, does not include any headers */ 897 acx->len = cpu_to_le16(len - sizeof(*acx)); 898 899 ret = wlcore_cmd_send_failsafe(wl, CMD_CONFIGURE, acx, len, 0, 900 valid_rets); 901 if (ret < 0) { 902 wl1271_warning("CONFIGURE command NOK"); 903 return ret; 904 } 905 906 return ret; 907 } See also: drivers/net/wireless/ti/wl1251/cmd.c:29 wl1251_cmd_send() warn: is 'buf' large enough for 'struct wl1251_cmd_header'? regards, dan carpenter -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html