printk() uses snprintf() wrong, which may lead to a buffer overrun.
retval might be larger than the size of buf.
In this case buf[retval] = 0; will write beyond the end of buf.
Fix: Please apply the patch.
Over to maintainer(s).
For bugs matching the following criteria:
Status: In Progress Changed: (is less than) 2014-06-01
Reset to default assignee and clear in-progress tags.
Mail being skipped