Safer: strlcpy() and strlcat()

• size_t strlcpy(buf, input, sizeof(buf));

• size_t strlcat(buf, suffix, sizeof(buf));

  • Consistent meaning for count parameter
  • Garanteed to null-terminate destination buffer

• More intuitive API

  • Helps beginners move from strcpy() to strlcpy()
  • More obvious to code readers

• Not a cure-all

  • Only suitable to handle fixed length buffers
  • May truncate input, leading to other problems
  • Need to understand code being audited