Usage of Secure C (memcpy_s, strcpy_s etc) functions on OpenSSL

[Phillip Susi]

Michael Wojcik writes:

> Some C experts have argued that the length-checking versions of the library functions, either the C90 ones such as strncat or the Appendix K ones, are essentially pointless anyway; that the caller needs to handle truncation and so ought to know whether truncation (or overflow) would occur before attempting the operation.

Isn't this normally/easilly handled simply by passing sizeof( buffer ) -
1?  Then the last byte is always \0 whether or not the copy was truncated.