Report
GNU binutils ar: archive extraction uses attacker-controlled output_filename in chmod/path handling
3f213e6b-4bde-45d7-9a99-946186c901a2
While auditing GNU binutils ar, I found that archive member extraction writes to a path chosen earlier in the extraction flow and then applies chmod() to that pathname after closing the file. The code also uses a separately tracked global output_filename and reopens/updates metadata by name, which creates a dangerous trust boundary around the path used for the extracted file.
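The difference between applying the mode by pathname after `close()` and applying it to the still-open descriptor, as an added C example. It is not binutils source and not code from this report, and the names `extract_by_name` and `extract_by_fd` are hypothetical.

```c
/* Added example, not binutils source; all function names are hypothetical. */
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Write the whole buffer to fd; returns 0 on success, -1 on error. */
static int write_all(int fd, const char *buf, size_t len)
{
    while (len > 0) {
        ssize_t n = write(fd, buf, len);
        if (n <= 0)
            return -1;
        buf += n;
        len -= (size_t)n;
    }
    return 0;
}

/* Pattern described in the report (simplified): the mode is applied by
   pathname after close(), so it lands on whatever the name resolves to
   at that moment, which need not be the file that was written. */
int extract_by_name(const char *path, const char *buf, size_t len, mode_t mode)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0)
        return -1;
    int rc = write_all(fd, buf, len);
    close(fd);
    return (rc == 0 && chmod(path, mode) == 0) ? 0 : -1;
}

/* Descriptor-based form: refuse an existing file or symlink at the final
   path component, and set the mode on the open descriptor before close(). */
int extract_by_fd(const char *path, const char *buf, size_t len, mode_t mode)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (fd < 0)
        return -1;
    int rc = write_all(fd, buf, len);
    if (rc == 0 && fchmod(fd, mode) != 0)
        rc = -1;
    if (close(fd) != 0)
        rc = -1;
    if (rc != 0)
        unlink(path);   /* remove the partial file this call created */
    return rc;
}
```

`O_EXCL` and `O_NOFOLLOW` only constrain the final path component; directory components of an archive-supplied name need separate validation.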