Yes, you're making it intentionally difficult by allowing any length string, which in C becomes complicated because there is no built-in support for an automatically growing string that you can use for input from stdin. Of course, there may be third party libraries that do allow this. If you add "it's okay to truncate any input longer than N characters", it becomes a lot easier.
Fortunately, "native code" doesn't have to mean C. If you broaden your scope to C++ your goal becomes amazingly easy (because C++ does have such a string in its standard library, and the facilities to use it for input):
(The code block on this bloody forum was stripping my newlines again)
This takes, all told, three lines of real code. There's no bugs, no memory leaks, no fuss. Just clean, safe, simple code. It'd be exactly the same in C#.
Go watch Herb Sutter's talk from Build. There wasn't anything in there that I wasn't already doing, but if you're not that familiar with C++, haven't used it recently, or are stuck in the "C with classes" style of using it, it should be very enlightening.