This is why strlcpy was invented: https://www.freebsd.org/cgi/man.cgi?query=strlcpy&sektion=3
[Comment removed by author]
strncpy takes an extra argument, another value the developer can get wrong. Why is passing three argument safer than passing two? There is 50% more to get wrong.
One argument for strncpy being safer is that the extra argument provides more information for consistency checking. But I don’t have any data showing that consistency checking has benefits that outweigh the cost of the extra argument.
I don’t think this is a great argument. It would imply globals are better than parameters, because you’ll never pass the wrong one.
Of course, strcopy also includes this argument in the form of the null terminator on the source string. It’s therefore implicit, conventional and actually easier to screw up than manually bookeeping a length.
That’s why I always open man-page/documentation before using a function. Until I know man-page by heart I will reopen the man-page and even then - better safe than sorry.
It is a bit funny how auto-completion in many cases would only give a false sense of understanding. But maybe it’s better than when I was using it. One could argue that it’s C’s fault, but surprising behavior can happen in every language and especially in an older one.
Shouldn’t the role of the language be to limit surprise?
gets was removed in C11