On the other hand, the Pascal code that can't handle 5GB strings also doesn't have the same pervasive security risk from buggy string manipulation that C code does. Not a bad tradeoff, especially given that you probably want to work on substrings within that 5GB and slicing in C essentially doesn't work because null termination either doesn't exist for your substrings (making them incorrect and potentially unsafe, depending on what you're doing) or the substring null termination breaks your larger string and prevents it from actually behaving like a 5GB string.
Safe string manipulation in C devolves into always passing a char array and a count anyway, which is not coincidentally exactly what Pascal strings look like.
Indeed safe strings in C are hard to do, but the nul termination is not the end-all-be-all of C strings; indeed, there is often a way to specify maximum string length (e.g. %.#s format in the prints family, strncpy). So mmapped strings are actually useful.
The bigger problems is embedded nuls, which can’t easily be sidestepped in the C strong framework.
Regardless, C won when the world was not yet well connected, and vulnerabilities mattered much less. It might not have won if the match was held today. The wake up calls were the Morris worm (intentional) and the AT&T outage (unintentional, and more of a logic error iirc) but by then it was too late.
Safe string manipulation in C devolves into always passing a char array and a count anyway, which is not coincidentally exactly what Pascal strings look like.