
The C11 Annex K (normative), "Bounds-checking interfaces" [ISO/IEC 9899:2011], defines alternative versions of standard string-handling functions designed to be safer replacements for existing functions. For example, C11 Annex K defines the strcpy_s(), strcat_s(), strncpy_s(), and strncat_s() functions as replacements for strcpy(), strcat(), strncpy(), and strncat(), respectively.

...

String-handling functions defined in the C standard, Section 7.24 [ISO/IEC 9899:2011], and elsewhere are susceptible to common programming errors that can lead to serious, exploitable vulnerabilities. Proper use of TR 24731 functions can eliminate most of these issues.
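The following is an added example, not code from the CERT page or from the C standard. It shows how the bounds-checking contract of Annex K's strcpy_s() differs from strcpy(): the destination size is an explicit parameter, a source that does not fit (including its terminator) is refused rather than written past the end of the buffer, and a violation leaves an empty string in the destination and returns a nonzero code instead of silently corrupting memory. Because glibc does not ship Annex K, the block uses a portable stand-in named my_strcpy_s (an assumed name, returning int rather than errno_t, and without the runtime-constraint handler callback the real interface invokes); the demo function and the constructed input strings are likewise assumptions.

```c
/* Added example: portable stand-in for the Annex K strcpy_s() runtime-
 * constraint rules, for toolchains (such as glibc) that do not provide it.
 * The names my_strcpy_s, MY_RSIZE_MAX and demo_truncation_refused are
 * assumptions, not standard or CERT identifiers. */
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Annex K bounds sizes by RSIZE_MAX, a value well below SIZE_MAX, so that
 * a negative length converted to an unsigned size is caught as an error. */
#define MY_RSIZE_MAX (SIZE_MAX >> 1)

/* Copies s2 into s1, which holds s1max bytes.
 * Returns 0 on success, EINVAL or ERANGE on a runtime-constraint violation.
 * On a violation the destination (when usable) becomes the empty string,
 * so a caller that ignores the return value never reads an unterminated
 * or half-copied buffer. */
int my_strcpy_s(char *s1, size_t s1max, const char *s2) {
    if (s1 == NULL || s1max == 0 || s1max > MY_RSIZE_MAX) {
        return EINVAL;               /* nothing we can safely write to */
    }
    if (s2 == NULL) {
        s1[0] = '\0';
        return EINVAL;
    }
    /* Bounded scan: never read more than s1max bytes of the source. */
    size_t len = 0;
    while (len < s1max && s2[len] != '\0') {
        len++;
    }
    if (len >= s1max) {
        /* Source plus terminator would not fit: refuse, do not truncate. */
        s1[0] = '\0';
        return ERANGE;
    }
    /* The two objects must not overlap (compared as integers to avoid
     * relational comparison of pointers into distinct objects). */
    uintptr_t d = (uintptr_t)s1, s = (uintptr_t)s2;
    if (d < s + len + 1 && s < d + s1max) {
        s1[0] = '\0';
        return EINVAL;
    }
    memcpy(s1, s2, len + 1);         /* len + 1 <= s1max, so in bounds */
    return 0;
}

/* Deliberately undersized destination: strcpy() would write 24 bytes into
 * an 8-byte array; the bounds-checked copy reports ERANGE and leaves "".
 * Returns 1 when the refusal behaves as described, 0 otherwise. */
int demo_truncation_refused(void) {
    char dst[8];
    const char *src = "this string is too long";   /* constructed input */
    int rc = my_strcpy_s(dst, sizeof dst, src);
    return (rc == ERANGE && dst[0] == '\0') ? 1 : 0;
}

int main(void) {
    char dst[16];
    int rc = my_strcpy_s(dst, sizeof dst, "hello");   /* constructed input */
    printf("fits:      rc=%d dst=\"%s\"\n", rc, dst);
    printf("too long:  refused=%d\n", demo_truncation_refused());
    printf("null src:  rc=%d\n", my_strcpy_s(dst, sizeof dst, NULL));
    printf("zero size: rc=%d\n", my_strcpy_s(dst, 0, "x"));
    return 0;
}
```

The important property for the rule above is the one strncpy() lacks: a copy that does not fit is an error the caller can test for, and the destination is always null-terminated afterwards, whichever branch was taken.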

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

ISO/IEC 9899:2011 Section 7.24, "String handling <string.h>"

ISO/IEC TR 24731-1:2007

ISO/IEC TR 24731-2:2010

...