[pjmlp]

The CVE database shows how easy it is to use correctly, bah.

[MaulingMonkey]

Warts like no guaranteed NUL termination for strncpy and strncat if the buffer length is reached are especially fun to contend with in code reviews.

As is *cat being O(N) with respect to destination length.

So easy that there's been constant flamewars over nonstandard alternatives such as strlcpy, strcpy_s... https://news.ycombinator.com/item?id=6940368