This is the code that gives us the classic buffer overflow vulnerability all because checking for a length isn't elegant.
Or rather, buffer overflows arise because someone did not think of lengths, and somehow this mentality became ingrained in a rather large number of programmers; this code is perfectly fine if the length of the source string is always less than or equal to that of the destination. I think saying "never use X" is almost always a bad idea, since it discourages reasoning, and not thinking about lengths is what lead to this problem in the first place.
On the other hand, "never use gets()" is more appropriate, since whoever came up with that function clearly never thought of lengths...
Or rather, buffer overflows arise because someone did not think of lengths, and somehow this mentality became ingrained in a rather large number of programmers; this code is perfectly fine if the length of the source string is always less than or equal to that of the destination. I think saying "never use X" is almost always a bad idea, since it discourages reasoning, and not thinking about lengths is what lead to this problem in the first place.
On the other hand, "never use gets()" is more appropriate, since whoever came up with that function clearly never thought of lengths...