Report

tar xheader.c uses strcpy/strcat with TMPDIR leading to buffer overflow (CWE-120)

6f0fb747-cb67-4cc9-968f-6cd430eccba1

In src/xheader.c, xheader_ghdr_name builds globexthdr_name from the environment variable TMPDIR using strcpy() and strcat() into a heap buffer allocated as strlen(tmp) + sizeof(GLOBAL_HEADER_TEMPLATE). Because both copies are unbounded, any mismatch between that size calculation and the actual concatenated length (for example, a future change to the template) results in a write past the end of the allocated heap buffer. TMPDIR is attacker-controlled in many execution contexts.
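The size arithmetic behind the report, with a reviewer's exactness check and a bounded alternative to the strcpy/strcat pattern, as an added C example that is not tar's code. GLOBAL_HEADER_TEMPLATE here is a constructed stand-in value, and ghdr_alloc_size, ghdr_alloc_size_is_exact and ghdr_name_build are hypothetical names.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for tar's GLOBAL_HEADER_TEMPLATE (the real value is not
   reproduced here). As a string literal, sizeof() counts its terminating NUL. */
#define GLOBAL_HEADER_TEMPLATE "/GlobalHead.EXAMPLE"

/* The allocation formula named in the report: strlen(tmp) + sizeof(template). */
size_t ghdr_alloc_size(const char *tmp)
{
  return strlen(tmp) + sizeof(GLOBAL_HEADER_TEMPLATE);
}

/* Reviewer's check: the formula must equal the concatenated length plus NUL.
   Returns 1 only when the unbounded strcpy/strcat pattern cannot overrun. */
int ghdr_alloc_size_is_exact(const char *tmp)
{
  return ghdr_alloc_size(tmp) == strlen(tmp) + strlen(GLOBAL_HEADER_TEMPLATE) + 1;
}

/* Bounded construction into a buffer of explicit size `len`. snprintf never
   writes past `len` bytes; if the full path would not fit, the function frees
   the buffer and returns NULL instead of truncating (or, as strcat would,
   writing past the allocation). The caller owns the returned buffer. */
char *ghdr_name_build(const char *tmp, size_t len)
{
  char *buf;
  int n;
  if (!tmp || len == 0)
    return NULL;
  buf = malloc(len);
  if (!buf)
    return NULL;
  n = snprintf(buf, len, "%s%s", tmp, GLOBAL_HEADER_TEMPLATE);
  if (n < 0 || (size_t)n >= len) {
    free(buf);            /* would not fit: reject rather than overrun */
    return NULL;
  }
  return buf;
}

int main(void)
{
  const char *tmp = "/var/tmp/build";   /* constructed sample TMPDIR value */
  char *name = ghdr_name_build(tmp, ghdr_alloc_size(tmp));
  printf("%s -> %s\n", tmp, name ? name : "(rejected: would not fit)");
  free(name);
  return 0;
}
```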
