[Yaffs] yaffs_proc_write may access an out of range buffer a…

In yaffs_proc_write

static int yaffs_proc_write(struct file *file, const char *buf,
                     unsigned long count, void *data)
{
...
        mask_bitfield = simple_strtoul(buf + pos, &end, 0);
        if (end > buf + pos) {
            mask_name = "numeral";
            len = end - (buf + pos);
            pos += len;
            done = 0;
        } else {
...
}

simple_strtoul may cause end>=buf+count.

I think we may need another check-length version of simple_strtoul
which is like nstrcpy v.s. strcpy.

--
Regards, neversetsun