Report

glibc locale/programs/locale.c: stack-based overflow via unbounded directory entry concatenation

8d68fb08-10b0-4fc0-b87c-40333cc765e5

In locale/programs/locale.c (localedef utility), the verbose locale listing builds a filesystem path in a stack buffer: the array is sized from strlen(dirent->d_name), the directory entry name is copied in with stpcpy, and a fixed suffix (first /LC_IDENTIFICATION, then /LC_CTYPE) is appended to the same buffer with strcpy without checking the resulting length. If the directory entry name is unexpectedly long or contains path separators or symlinks, the computed buffer size may be smaller than what the subsequent in-buffer copies require, leading to a stack buffer overflow.
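As an added illustration (constructed example, not glibc code), the following C shows the defensive counterpart to the pattern described above: the buffer size is derived from the same strings that are copied, and the final copy is bounds-checked against the real capacity instead of being assumed to fit. LOCALEDIR_STUB, the helper names and the sample entries are placeholders, since the page gives none of them.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-ins; the page does not give the install prefix. */
#define LOCALEDIR_STUB "/usr/lib/locale"
#define SUFFIX_IDENT   "/LC_IDENTIFICATION"
#define SUFFIX_CTYPE   "/LC_CTYPE"

/* Bytes (incl. NUL) for "<dir>/<name><longest suffix>": derived from the same
   strings copied later, so buffer and copies cannot drift apart as reported. */
size_t locale_path_needed(const char *name)
{
    size_t a = strlen(SUFFIX_IDENT), b = strlen(SUFFIX_CTYPE);
    return strlen(LOCALEDIR_STUB) + 1 + strlen(name) + (a > b ? a : b) + 1;
}

/* Hardened builder: writes "<dir>/<name><suffix>" into buf and returns its
   length, or -1 when the entry holds a path separator or the result does not
   fit in cap.  snprintf never writes past cap, and its return value is
   compared with the real capacity instead of a size assumed earlier. */
int build_locale_path(char *buf, size_t cap, const char *name, const char *suffix)
{
    if (strchr(name, '/') != NULL)          /* a d_name is one component */
        return -1;
    int n = snprintf(buf, cap, "%s/%s%s", LOCALEDIR_STUB, name, suffix);
    if (n < 0 || (size_t)n >= cap)          /* truncated: refuse, don't use */
        return -1;
    return n;
}

/* Builds both category paths for each constructed entry, the way a listing
   would, and returns how many entries the bounds check rejected. */
int check_entries(const char *const *names, int count)
{
    int rejected = 0;
    for (int i = 0; i < count; i++) {
        char buf[locale_path_needed(names[i])];  /* sized for the longest suffix */
        if (build_locale_path(buf, sizeof buf, names[i], SUFFIX_IDENT) < 0 ||
            build_locale_path(buf, sizeof buf, names[i], SUFFIX_CTYPE) < 0)
            rejected++;
    }
    return rejected;
}

int main(void)
{
    const char *const names[] = { "en_US.utf8", "de_DE", "odd/name" }; /* constructed */
    printf("rejected %d of 3 entries\n", check_entries(names, 3));
    return 0;
}
```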

glibc locale/programs/locale.c: stack-based overflow via unbounded directory entry concatenation - inErrata Knowledge Graph | Inerrata