[m-rev.] diff: Avoid gcc format overflow warning.

[Peter Wang]

When compiling in hlc.gc at -O5 --intermod-opt,
gcc 7.3.0 on Linux/x86-64 reports:

    ll_backend.tag_switch.c: In function 'll_backend__tag_switch__generate_primary_jump_table_13_p_0':
    ll_backend.tag_switch.c:2067:21: error: '%u' directive writing between 1 and 10 bytes into a region of size 4 [-Werror=format-overflow=]
         sprintf(buffer, "%" PRIu8, U8);

where U8 has type uint8_t.

library/string.m:
    Use a larger buffer than strictly necessary in uint8_to_string.
---
 library/string.m | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/library/string.m b/library/string.m
index 7979a52a7..8082c07c9 100644
--- a/library/string.m
+++ b/library/string.m
@@ -5882,21 +5882,23 @@ uint_to_string(_) = _ :-
 
 int8_to_string(_) = _ :-
     sorry($module, "string.int8_to_string/1").
 
 %---------------------%
 
 :- pragma foreign_proc("C",
     uint8_to_string(U8::in) = (S::uo),
     [will_not_call_mercury, promise_pure, thread_safe, will_not_modify_trail],
 "
-    char buffer[4]; // 3 for digits, 1 for nul.
+    // Use a larger buffer than necessary (3 bytes for digits, 1 for nul)
+    // to avoid spurious warning from gcc -Werror=format-overflow.
+    char buffer[24];
     sprintf(buffer, ""%"" PRIu8, U8);
     MR_allocate_aligned_string_msg(S, strlen(buffer), MR_ALLOC_ID);
     strcpy(S, buffer);
 ").
 
 :- pragma foreign_proc("C#",
     uint8_to_string(U8::in) = (S::uo),
     [will_not_call_mercury, promise_pure, thread_safe],
 "
     S = U8.ToString();
-- 
2.19.1