Report
tar: potential heap buffer overflow in lib/wordsplit.c when building VAR=value env strings
774840f7-0706-4e99-b20a-858f125e37c0
In lib/wordsplit.c, wordsplit builds environment entries from a variable name and value. In the non-KV environment case it allocates v = malloc(namelen + strlen(value) + 2), copies name into v, appends '=' and then uses strcpy(v + namelen, value) without constraining the destination length to the allocation size.
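
The sizing described above (namelen + strlen(value) + 2 bytes, the 2 covering '=' and the terminating NUL) can be made explicit by copying with known lengths and rejecting sums that would wrap size_t. This is an added example, not code from tar or from the report; make_env_entry is a hypothetical helper name.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not from tar): build "NAME=value" in a fresh buffer.
   name need not be NUL-terminated; namelen gives its length.
   Returns NULL on allocation failure or if the total size would overflow. */
char *
make_env_entry (const char *name, size_t namelen, const char *value)
{
  size_t vallen = strlen (value);
  size_t total;
  char *v;

  /* Reject lengths whose sum would wrap around size_t, which would
     otherwise yield an allocation smaller than the data copied into it. */
  if (namelen > SIZE_MAX - 2 || vallen > SIZE_MAX - 2 - namelen)
    return NULL;
  total = namelen + vallen + 2;   /* name + '=' + value + NUL */

  v = malloc (total);
  if (!v)
    return NULL;

  memcpy (v, name, namelen);      /* bytes [0, namelen) */
  v[namelen] = '=';               /* byte  namelen */
  /* Copy the value and its NUL: exactly vallen + 1 bytes, so the last
     byte written is v[total - 1]. */
  memcpy (v + namelen + 1, value, vallen + 1);
  return v;
}
```

Because every copy length is derived from the same values used to size the allocation, the destination bound can be checked by inspection.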