Adding strlcpy() to glibc

The first group of functions cause off-by-ones and buffer overflows, which may or may not crash your program and may or may not be exploitable. Crashes are comparatively less annoying. Exploits are potentially very bad. Thankfully, tools like Valgrind and Coverity can find those issues, if you care to run them.

The second group of functions cause truncated output, which range from minor annoyance (incomplete logs) to exploits (password shortened to a trivial length) to business-destroying (months of data suddenly discovered to be unusable). That class of bugs is harder to find using automated tools.

YMMV. I'd rather deal with memory corruption than data corruption : it's easyer to detect and has a (depending on your luck) less severe failure mode.

That said, I agree with the resignated inclusion of the new glibc functions. But I also wouldn't do string manipulation in C at all if I can avoid it :p