why be so masochistic to use C/C++ when you could use some real high-level language?Because frequently it's the right tool for the job. Such as a lot of things, when you leave apparently religious preferences out of the debate.
Is it difficult to prevent buffer overflows? YES!For inexperienced C (or likewise, assembly) programmers, you are correct. Perhaps those people should not be producing software in C that needs to be secure.
in that case the strncpy is just BOGUS!!Your example is bogus. Not everything stored in a C array is a string, and anyway, using strncpy (and then setting strlen(str)-1 to '\0' prevents any problem with that code assuming the array was null terminated in the first place.
how exactly are you going to find the last character if the string isn't null-terminated.There's no such thing as a C string that isn't null-terminated. Once the null terminator has been lost, the data stored in the array is no longer a C string. It follows that if you want your array to remain a valid string, you had best preserve the null terminator.
but if strings were simply managed by adding the string length to the data typeYou are free to write your own string struct/class that does this. In fact there are quite a few that exist already. You have the choice not to use C strings, so it seems ridiculous for you to continue to use them when you have demonstrated that they are beyond your capability.
it's just not the right language for the job!How do you know that? What is the job? Or are you just generalizing?