FYI, C11 introduced scanf_s to prevent potential buffer overruns.
But remember that those "safe" functions are optional; not all compilers implement them.
I know that MSVC complains mightily about using scanf, recommending using scanf_s.
What exactly do those warnings say with the current compiler?
Edit: Also note that not all of the C standard functions are implemented in MSVC and some of those MSVC functions have different function signatures than the standard functions.
Error C4996 'scanf': This function or variable may be unsafe. Consider using scanf_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS. See online help for details.
Consider, if C allows it, char string1[SIZE] = {0};
so that all the letters are zeroed. Then if you do something that leaves off the end-of-string zero, it was already there.
I still believe that if the C standard includes the safe functions, they shouldn't be optional for implementation.
Well, everyone has their own opinions.
Since the "safe" functions are only part of Annex K and not part of the general standard, the standards body must have had a reason to add Annex K and not add them to the general standard.
IMO, Annex K was a compromise to try to bring MSVC into actually supporting modern standard C. At the time MSVC only truly supported parts of C90.
With printf() etc., you can use * for a format width to get a width value from the specified args, but you can't do this with scanf() as * means skip an input.
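Because scanf() cannot take its field width from an argument, as the last post notes, one portable way to bound a %s read without Annex K is to build the format string at run time. This is an added example, not code from any poster in the thread; the helper name read_word_bounded and the sample input are assumptions, and sscanf() on a constructed string stands in for scanf() on stdin.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not from the thread): read one whitespace-delimited
 * word from `input` into dst, never writing more than dst_size bytes.
 * Returns the number of characters stored, or -1 on error / no match. */
int read_word_bounded(const char *input, char *dst, size_t dst_size)
{
    char fmt[32];
    int n;

    /* scanf's width excludes the terminating NUL, and a width of 0 is
     * not valid, so the buffer must hold at least one char plus NUL. */
    if (input == NULL || dst == NULL || dst_size < 2)
        return -1;

    /* Build "%<width>s" at run time, e.g. "%7s" for an 8-byte buffer. */
    n = snprintf(fmt, sizeof fmt, "%%%zus", dst_size - 1);
    if (n < 0 || (size_t)n >= sizeof fmt)
        return -1;

    dst[0] = '\0';
    if (sscanf(input, fmt, dst) != 1)
        return -1;
    return (int)strlen(dst);
}

int main(void)
{
    char word[8];
    /* Constructed sample input: the first word is longer than the buffer. */
    const char *sample = "ABCDEFGHIJKLMNOP rest";

    int len = read_word_bounded(sample, word, sizeof word);
    printf("stored %d chars: \"%s\"\n", len, word);
    return 0;
}
```

The width passed to %s is the buffer size minus one, since scanf() appends the terminating zero after the characters it counts.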