fix(statusline): fix uninitialized variable and possible overflow

In file included from /usr/include/string.h:535,
                 from gsrc/nvim/statusline.c:10:
In function ‘strcat’,
    inlined from ‘build_stl_str_hl’ at gsrc/nvim/statusline.c:1688:9:
/usr/include/bits/string_fortified.h:130:10: warning: ‘p’ may be used uninitialized [-Wmaybe-uninitialized]
  130 |   return __builtin___strcat_chk (__dest, __src, __glibc_objsize (__dest));
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1 files changed, 6 insertions, 3 deletions

diff --git a/src/nvim/statusline.c b/src/nvim/statusline.c
index e809922be3..db99bae03c 100644
--- a/src/nvim/statusline.c
+++ b/src/nvim/statusline.c
@@ -1656,7 +1656,7 @@ int build_stl_str_hl(win_T *wp, char *out, size_t outlen, char *fmt, char *opt_n
         break;
       }
 
-      char *p;
+      char *p = NULL;
       if (fold) {
         size_t n = fill_foldcolumn(out_p, wp, stcp->foldinfo, (linenr_T)get_vim_var_nr(VV_LNUM));
         stl_items[curitem].minwid = -((stcp->use_cul ? HLF_CLF : HLF_FC) + 1);
@@ -1678,14 +1678,17 @@ int build_stl_str_hl(win_T *wp, char *out, size_t outlen, char *fmt, char *opt_n
           stl_items[curitem].minwid = -(sattr ? stcp->sign_cul_id ? stcp->sign_cul_id
                                         : sattr->hl_id : (stcp->use_cul ? HLF_CLS : HLF_SC) + 1);
         }
+        size_t buflen = strlen(buf_tmp);
         stl_items[curitem].type = Highlight;
-        stl_items[curitem].start = out_p + strlen(buf_tmp);
+        stl_items[curitem].start = out_p + buflen;
         curitem++;
         if (i == width) {
           str = buf_tmp;
           break;
         }
-        STRCAT(buf_tmp, p);
+        int rc = snprintf(buf_tmp + buflen, sizeof(buf_tmp) - buflen, "%s", p);
+        (void)rc;  // Avoid unused warning on release build
+        assert(rc > 0);
       }
       break;
     }