dprintf_formatf: fix (false?) Coverity warning

CID 1024412: Memory - illegal accesses (OVERRUN). Claimed to happen when
we run over 'workend' but the condition says <= workend and for all I
can see it should be safe. Compensating for the warning by adding a byte
margin in the buffer.

Also, removed the extra brace level indentation in the code and made it
so that 'workend' is only assigned once within the function.

lib/mprintf.c

@@ -581,6 +581,11 @@ static int dprintf_formatf(
 
   va_stack_t *p;
 
+  /* 'workend' points to the final buffer byte position, but with an extra
+     byte as margin to avoid the (false?) warning Coverity gives us
+     otherwise */
+  char *workend = &work[sizeof(work) - 2];
+
   /* Do the actual %-code parsing */
   dprintf_Pass1(format, vto, endpos, ap_save);
 
@@ -610,6 +615,8 @@ static int dprintf_formatf(
     /* Used to convert negative in positive.  */
     mp_intmax_t signed_num;
 
+    char *w;
+
     if(*f != '%') {
       /* This isn't a format spec, so write everything out until the next one
          OR end of string is reached.  */
@@ -730,9 +737,6 @@ static int dprintf_formatf(
 
       number:
       /* Number of base BASE.  */
-      {
-        char *workend = &work[sizeof(work) - 1];
-        char *w;
 
       /* Supply a default precision if none was given.  */
       if(prec == -1)
@@ -795,7 +799,6 @@ static int dprintf_formatf(
       if(p->flags & FLAGS_LEFT)
         while(width-- > 0)
           OUTCHAR(' ');
-      }
       break;
 
     case FORMAT_STRING: