Personal opinion, people are generally way too concerned about buffer overflows in C. Meaning if you have issues with buffer overflows the root cause is you are seriously writing C the wrong way circa 2016.
When I hear buffer overflows I think:
Programmer trying to be smarter than he is.
Deprecated unsafe string functions.
Unnecessary pointer arithmetic.
No unit tests.
Failing to use static code analysis tools.
> Personal opinion, people are generally way too concerned about buffer overflows in C
My only concern about buffer overflows in C is that memory errors continue to happen in software that I depend upon in my daily life.
Chrome, Firefox, Linux, OpenSSL, all these things suffer memory errors that compromise my security. Anyone doing security work in C in 2016 is, in my opinion, committing malpractice and putting users at risk because their egos can't take not fiddling bits by hand.