bash/support/man2html.c: sprintf into fixed-size buffer with unchecked offset

In support/man2html.c, add_to_index() writes formatted HTML into a fixed-size global buffer (manidx) using sprintf(manidx + mip, ...) without verifying that the formatted output fits in the remaining space or that mip is within bounds. If troff output produces a long string (c) or causes mip to approach the end of manidx, sprintf can overflow manidx, leading to memory corruption.