
Any "safe" string library for C that uses pointer and length as separate arguments is safe only in name.

Microsoft does it, because it comes along with SAL[0], which is kind of Microsoft's own Frama-C.

Also as long as WG14 doesn't care, everyone will keep passing char* around while hoping it is actually null terminated and points to the right place in memory.

Technically, ISO C could get safer types, or have something like SAL/FORTIFY, but as you say, without will it will never happen.

[0] - https://docs.microsoft.com/en-us/cpp/code-quality/using-sal-...
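An added illustration, not part of the comment above and not code from any library it mentions: a bounds-checked copy that takes pointer and length separately accepts whatever length the caller passes, while a buffer value that carries its own capacity rejects the same input. The names `copy_sep`, `copy_buf`, `struct strbuf` and the 16-byte arena layout are hypothetical and constructed for this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define FIELD 8  /* constructed: logical size of the "name" field */

/* Separate pointer and length: the check is only as good as dst_len. */
static int copy_sep(char *dst, size_t dst_len, const char *src) {
    size_t n = strlen(src) + 1;
    if (n > dst_len) return -1;
    memcpy(dst, src, n);
    return 0;
}

/* Hypothetical bundled type: capacity is bound to the pointer once. */
struct strbuf { char *ptr; size_t cap; };

static int copy_buf(struct strbuf dst, const char *src) {
    size_t n = strlen(src) + 1;
    if (n > dst.cap) return -1;
    memcpy(dst.ptr, src, n);
    return 0;
}

/* Caller passes the arena size instead of the field size.
   Returns 1 if the neighbouring field was overwritten. */
static int demo_separate(void) {
    char arena[2 * FIELD];
    memset(arena, 'A', sizeof arena);
    copy_sep(arena, sizeof arena, "0123456789"); /* wrong length, accepted */
    return arena[FIELD] != 'A';
}

/* Same input; the length comes from the buffer value, not the call site. */
static int demo_bundled(void) {
    char arena[2 * FIELD];
    memset(arena, 'A', sizeof arena);
    struct strbuf name = { arena, FIELD };
    int rc = copy_buf(name, "0123456789");
    return rc == -1 && arena[FIELD] == 'A';
}

int main(void) {
    printf("separate args, neighbour overwritten: %d\n", demo_separate());
    printf("bundled buffer, copy rejected: %d\n", demo_bundled());
    return 0;
}
```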



