Fix buffer overflow in make-docfile

* lib-src/make-docfile.c (scan_c_stream): Check for buffer
overflow when reading an identifier.  Use a static buffer for NAME
rather than a small dynamically-allocated buffer.

lib-src/make-docfile.c

@@ -845,8 +845,7 @@ scan_c_stream (FILE *infile)
       bool defvarperbufferflag = false;
       bool defvarflag = false;
       enum global_type type = INVALID;
-      static char *name;
-      static ptrdiff_t name_size;
+      static char name[sizeof input_buffer];
 
       if (c != '\n' && c != '\r')
 	{
@@ -967,22 +966,13 @@ scan_c_stream (FILE *infile)
 	      if (c < 0)
 		goto eof;
 	      input_buffer[i++] = c;
+	      if (sizeof input_buffer <= i)
+		fatal ("identifier too long");
 	      c = getc (infile);
 	    }
 	  while (! (c == ',' || c == ' ' || c == '\t'
 		    || c == '\n' || c == '\r'));
 	  input_buffer[i] = '\0';
-
-	  if (name_size <= i)
-	    {
-	      free (name);
-	      name_size = i + 1;
-	      ptrdiff_t doubled;
-	      if (! INT_MULTIPLY_WRAPV (name_size, 2, &doubled)
-		  && doubled <= SIZE_MAX)
-		name_size = doubled;
-	      name = xmalloc (name_size);
-	    }
 	  memcpy (name, input_buffer, i + 1);
 
 	  if (type == SYMBOL)