properly bound buffer access when parsing cpu/*/availability

At the same time reduce the local buffers to 16 bytes each.

Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>

--- a/drivers/xen/core/cpu_hotplug.c
+++ b/drivers/xen/core/cpu_hotplug.c
@@ -28,13 +28,13 @@ static int local_cpu_hotplug_request(voi
 static void vcpu_hotplug(unsigned int cpu, struct sys_device *dev)
 {
 	int err;
-	char dir[32], state[32];
+	char dir[16], state[16];
 
 	if ((cpu >= NR_CPUS) || !cpu_possible(cpu))
 		return;
 
 	sprintf(dir, "cpu/%u", cpu);
-	err = xenbus_scanf(XBT_NIL, dir, "availability", "%s", state);
+	err = xenbus_scanf(XBT_NIL, dir, "availability", "%15s", state);
 	if (err != 1) {
 		printk(KERN_ERR "XENBUS: Unable to read cpu state\n");
 		return;