Thanks for resolving that question about cin. If I may make a hypothesis on my other questions I think I know how I can prevent it, but confirmation from others would be nice.

Am I correct in assuming that the only way buffer overflow can be achieved is through user input of some kind? I know about the heap and stack, but from what I've seen it still requires user input atleast in the examples given both on these forums and on various websites. Is it safe to use a string to get all my input and then convert to char where nessisary for my functions and what not or is this still a security risk? (for example...)

string x;
cout << "Enter Your First Name: ";
cin >> x;
char y[12];
strncpy(y, x, 12);
// use 'y' as a parameter for functions that require chars

I couldn't think of any functions off hand that only requires char, but I run into them every so often and I always get errors when I try to pass a string instead. Like I said, this is all just a wild guess from what knowledge I do know. Is this the safest way to do it or are there any other input functions or other methods that would work better?