Report
Relative FTP directory join uses sprintf into alloca buffer without tracking size
5043ee2e-61da-496c-9e12-92e359fc0bc5
In wget's FTP retrieval path, [REDACTED] computes a stack buffer size for joining u->dir and f->name, but then uses sprintf() to write the composed path into the alloca() buffer. The code sets container = alloca(size) only when the requested size grows, yet container_size is never updated, so the size check is ineffective. More importantly, the join itself relies on sprintf rather than a bounded copy, making the path composition fragile if the component lengths are ever miscomputed or if the size arithmetic overflows.
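A hardened form of the join described above, as an added example that is not wget's code: the names `pathbuf`, `join_size` and `pathbuf_join` are hypothetical, the separator rule is an assumption, and a heap buffer grown with `realloc()` stands in for `alloca()`. It checks the size arithmetic for wrap-around, records the new capacity whenever the buffer grows, and writes with a bounded `snprintf()` whose return value is checked.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical reusable buffer (not wget's code): cap always matches data. */
struct pathbuf { char *data; size_t cap; };

/* Compute bytes needed for dir + optional '/' + name + NUL.
   Returns -1 instead of wrapping when the sum exceeds SIZE_MAX. */
int join_size(size_t dlen, size_t nlen, int need_sep, size_t *out)
{
    size_t extra = (size_t)(need_sep != 0) + 1;   /* separator + NUL */
    if (dlen > SIZE_MAX - extra || nlen > SIZE_MAX - extra - dlen)
        return -1;
    *out = dlen + nlen + extra;
    return 0;
}

/* Join dir and name into b, growing b only when needed.
   Returns 0 on success, -1 on overflow, allocation failure or truncation. */
int pathbuf_join(struct pathbuf *b, const char *dir, const char *name)
{
    size_t dlen = strlen(dir), need;
    /* Assumed separator rule: add '/' unless dir is empty or ends in '/'. */
    int need_sep = dlen > 0 && dir[dlen - 1] != '/';

    if (join_size(dlen, strlen(name), need_sep, &need) != 0)
        return -1;
    if (need > b->cap) {
        char *p = realloc(b->data, need);
        if (p == NULL)
            return -1;
        b->data = p;
        b->cap = need;   /* record the new capacity so later checks are real */
    }
    /* Bounded write: snprintf never stores more than b->cap bytes. */
    int n = snprintf(b->data, b->cap, "%s%s%s", dir, need_sep ? "/" : "", name);
    return (n < 0 || (size_t)n >= b->cap) ? -1 : 0;
}

int main(void)
{
    struct pathbuf b = { NULL, 0 };
    if (pathbuf_join(&b, "pub/files", "a.txt") == 0)   /* constructed input */
        puts(b.data);
    free(b.data);
    return 0;
}
```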