The code doesn't check first sscanf() return value.  If first sscanf()
failed then c contains some garbage.  It might lead to reading
uninitialised stack data in the second sscanf() call.

Signed-off-by: Vasiliy Kulikov <segoon@openwall.com>
Cc: Richard Purdie <rpurdie@rpsys.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>