I've seen numerous articles on buffer overflows and how they occur, and I've even seen code examples of how they are done and what they look like. What many of these articles leave out is how to fix them?! I know that in C++ the string data type prevents this, but many, many functions require char arrays and pointers to be passed to them, and once you convert a string to a char, you're back to your security risk.

So how can I prevent buffer overflows in C/C++? (code examples would be appreciated)

Are the 'cin' functions in C++ safe?

Is there a list of what string/char functions are immune/vulnerable anywhere?

Thanks again.
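An added example, not part of the original post: two bounded helpers for the cases the question raises, copying a `std::string` into a fixed-size char array for a C-style API and reading a line from a stream into one. The helper names `copy_bounded` and `read_line_bounded` and the sample input are constructed for illustration.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstring>
#include <iostream>
#include <limits>
#include <sstream>
#include <string>

// Copy src into a fixed-size buffer. Unlike strcpy(dst, src.c_str()), this
// never writes more than dst_size bytes and always NUL-terminates.
// Returns false when the input had to be truncated.
bool copy_bounded(const std::string& src, char* dst, std::size_t dst_size) {
    if (dst == nullptr || dst_size == 0) return false;
    const std::size_t n = std::min(src.size(), dst_size - 1);
    std::memcpy(dst, src.data(), n);
    dst[n] = '\0';
    return n == src.size();
}

// Read one line into a fixed-size buffer. istream::getline stores at most
// dst_size - 1 characters plus the terminator; an overlong line sets failbit.
// Returns true only when a complete line was stored.
bool read_line_bounded(std::istream& in, char* dst, std::size_t dst_size) {
    if (dst == nullptr || dst_size == 0) return false;
    in.getline(dst, static_cast<std::streamsize>(dst_size));
    if (!in.fail()) return true;             // whole line fit
    if (in.eof() || in.bad()) return false;  // no more input
    in.clear();                              // overlong line: drop the rest of it
    in.ignore(std::numeric_limits<std::streamsize>::max(), '\n');
    return false;
}

int main() {
    char buf[8];
    // Constructed input: first line is longer than the buffer.
    std::istringstream in("AAAAAAAAAAAAAAAAAAAA\nnext\n");
    bool ok = read_line_bounded(in, buf, sizeof buf);
    std::cout << ok << " [" << buf << "]\n";
    ok = read_line_bounded(in, buf, sizeof buf);
    std::cout << ok << " [" << buf << "]\n";
    ok = copy_bounded(std::string(100, 'A'), buf, sizeof buf);
    std::cout << ok << " [" << buf << "]\n";
    return 0;
}
```

Both helpers report truncation through their return value, so the caller can reject the input instead of silently working with a shortened string.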