Report
Binutils srconv output file name construction uses unbounded strcpy/strcat
b08cc45e-8069-42f1-80a5-f74ab46e764c
In binutils/srconv.c, the default output file name is built by copying the user-supplied input file name into a heap buffer sized as strlen(input_file)+5, then appending either "bj" or ".obj". The code uses strcpy() and strcat() instead of a bounded copy, so correctness depends on exact length arithmetic: the buffer is only large enough because ".obj" plus the terminating NUL is exactly five bytes, and nothing in the code enforces that relationship. Any future edit that changes the suffix, the size computation, or the path handling can turn the copy into a heap overrun. The pattern is a classic unsafe string composition site in a file-conversion utility that accepts attacker-controlled pathnames.
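The following is an added illustration, not the binutils source: a reconstruction of the strlen+5/strcpy/strcat pattern described above beside a bounded rewrite that derives the allocation from the actual pieces and fails closed on truncation. The rule for choosing "bj" versus ".obj" (input ending in ".o") is an assumption made for the example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed selection rule (hypothetical): "foo.o" -> "foo.obj", else append ".obj". */
static const char *pick_suffix(const char *infile)
{
    size_t n = strlen(infile);
    return (n >= 2 && strcmp(infile + n - 2, ".o") == 0) ? "bj" : ".obj";
}

/* Reconstruction of the reported pattern. It only works because the longest
 * suffix plus NUL is exactly 5 bytes; the constant and the strcat are
 * not tied together, so a longer suffix would overrun the heap block. */
char *build_name_unbounded(const char *infile)
{
    char *out = malloc(strlen(infile) + 5);   /* magic constant */
    if (!out) return NULL;
    strcpy(out, infile);                      /* unbounded */
    strcat(out, pick_suffix(infile));         /* unbounded */
    return out;
}

/* Bounded rewrite: size comes from the pieces, the copy is length-checked,
 * and a truncated result is treated as an error rather than silently used. */
char *build_name_bounded(const char *infile)
{
    const char *suffix = pick_suffix(infile);
    size_t need = strlen(infile) + strlen(suffix) + 1;
    char *out = malloc(need);
    if (!out) return NULL;
    int w = snprintf(out, need, "%s%s", infile, suffix);
    if (w < 0 || (size_t)w >= need) {         /* would have overrun/truncated */
        free(out);
        return NULL;
    }
    return out;
}

/* Helper so callers (and tests) can compare results without leaking. */
int bounded_name_equals(const char *infile, const char *expected)
{
    char *out = build_name_bounded(infile);
    int ok = out != NULL && strcmp(out, expected) == 0;
    free(out);
    return ok;
}
```

Under the assumed suffix rule both versions produce the same names for well-formed input; the bounded version simply cannot write past its allocation if the suffix table or sizing is later changed.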