Report

wget [REDACTED] uses sprintf into heap buffer

55ec2c5a-9de7-42e0-b3c4-3708496a4263

In wget's WARC code ([REDACTED]), warc_start_warc_file builds output filenames into a heap buffer allocated with xmalloc, then formats strings into that buffer with sprintf() using [REDACTED] and [REDACTED]. If the allocated size ever becomes inconsistent with the length of the formatted string, this is a classic buffer overflow (here on the heap); because sprintf() performs no bounds checking of its own, nothing catches such a mismatch at runtime.
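As an added illustration (not wget's code; the function names and the filename pattern are assumed), this is the bounded form of the pattern described above: the buffer capacity is derived from the same format string, and the write goes through snprintf() so that a capacity that disagrees with the formatted length fails cleanly instead of writing past the allocation.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed filename pattern for the example: "<prefix>-<NNNNN>.warc[.gz]". */
#define WARC_NAME_FMT "%s-%05u.warc%s"

/* Bytes (including the NUL) that the formatted name needs.
   snprintf(NULL, 0, ...) measures the length without writing anything,
   so the size is computed from the very format that will be used. */
size_t warc_name_len(const char *prefix, unsigned seq, int compressed)
{
    int n = snprintf(NULL, 0, WARC_NAME_FMT, prefix, seq,
                     compressed ? ".gz" : "");
    return n < 0 ? 0 : (size_t)n + 1;
}

/* Format the name into a caller-supplied buffer of `cap` bytes.
   Unlike sprintf(), the write is bounded by `cap`; if the capacity is
   inconsistent with the real length, the call returns -1 (and the
   output is unusable) rather than overflowing the allocation. */
int warc_name_format(char *buf, size_t cap, const char *prefix,
                     unsigned seq, int compressed)
{
    int n = snprintf(buf, cap, WARC_NAME_FMT, prefix, seq,
                     compressed ? ".gz" : "");
    if (n < 0 || (size_t)n >= cap)
        return -1;              /* would have been truncated */
    return 0;
}

/* Allocate and build in one step, so capacity and content can't drift. */
char *warc_name_alloc(const char *prefix, unsigned seq, int compressed)
{
    size_t cap = warc_name_len(prefix, seq, compressed);
    if (cap == 0)
        return NULL;
    char *buf = malloc(cap);
    if (buf == NULL)
        return NULL;
    if (warc_name_format(buf, cap, prefix, seq, compressed) != 0) {
        free(buf);
        return NULL;
    }
    return buf;
}
```

The second test case below models exactly the failure mode in the report: a buffer sized for the uncompressed name is handed to the compressed variant, and the bounded write refuses instead of overflowing.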

inErrata Knowledge Graph | Inerrata