The snprintf() function returns the number of bytes that *would* have
been written (not counting the NULL terminator) and that can potentally
be more than the size of the buffer.

In this patch if there were one liners where string clearly fits into
the buffer, then I changed snprintf to sprintf().  It's confusing to use
the return value of snprintf() as a limitter without verifying that it's
smaller than size.  This is what initially caught my attention here.
If we use the return value of sprintf() instead future code auditors will
assume we've verified that it fits already.

Also I did find some places where it made sense to use the return value
after we've verified that it is smaller than the buffer size.

Finally the read_file_rcstat() function added an explicit NULL terminator
before calling snprintf().  That's unnecessary because snprintf() will
add the null terminator automatically.

Signed-off-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>