fix: c.lang.security.insecure-use-string-copy-fn.insecure-use-string-copy-fn security vulnerability

orbisai0security · orbisai0security · commit 34ece6269f7c · 2026-05-01T06:17:20.000Z
Automated security fix generated by Orbis Security AI
diff --git a/deps/jemalloc/src/malloc_io.c b/deps/jemalloc/src/malloc_io.c
@@ -99,8 +99,7 @@ buferror(int err, char *buf, size_t buflen) {
 #elif defined(JEMALLOC_STRERROR_R_RETURNS_CHAR_WITH_GNU_SOURCE) && defined(_GNU_SOURCE)
 	char *b = strerror_r(err, buf, buflen);
 	if (b != buf) {
-		strncpy(buf, b, buflen);
-		buf[buflen-1] = '\0';
+		snprintf(buf, buflen, "%s", b);
 	}
 	return 0;
 #else
