One of the danger of C-style arrays is that their length is not attached to the pointer that points to their beginning. This means that there are lots of unsafe library functions that might write beyond the allocated space.
One such example is
int sprintf(char *str, const char *format, ...);
It just takes a naked pointer to the buffer and a format string, as well as
values to format. If the buffer in
str is not large enough,
not know it and just happily write beyond the bounds.