"If one validates parameters before using string functions
(which quality programmers should do),
the 'safe' functions have no reason to exist."
Consider the following function:
What could possibly go wrong?
You check the length of the string, and if it doesn't fit
in the buffer, then you reject it.