The rtc-ds1307 driver does not properly handle block operations bigger
than 32 bytes in either of the two modes supported (SMbus native, or
emulated if not supported by the SMbus platform driver).

It also does not properly handle userland-supplied input (block
operation length) through sysfs and may suffer a type of buffer overrun.

The driver has been modified with proper input validation, buffer sizes,
and now splits block transfers bigger than 32 bytes into separate
transfers.

Explanation : Buffer size allocated is I2C_SMBUS_BLOCK_MAX which equals
to 32 as per the SMbus spec.  Reads and write may be up to 56 bytes (to
the NVRAM).  This patch allocated a 255 byte buffer, the maximum
allowable (address is an u8).  It's not only a buffer problem, SMbus
only supports up to 32 bytes transfer at once, so it's needed to split
bigger transfers.

Patch successfully tested on 3.2.27; cleanly applies on 3.7-rc4.

[akpm@linux-foundation.org: rework code to avoid 80-column overflows]
Signed-off-by: Bertrand Achard <ba@cykian.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>