Re: C is a [value judgement of choice] language for security
"So, don't wait around for somebody else to do this simple stuff for you: just do it."
In addition: GCC has a ton of new sanity checks for you to enable.. Use them.
If your compiler provides a way to annotate varargs. Use them (ex GCC: __attribute__ ((format(printf, 2, 3)));"
If your compiler lets you annotate parameters as allows NULL/must never be NULL etc. Use those too.
Always make sure your code compiles without warnings.. Warnings are often the C language telling you that what you are doing is undefined and even if you leave the safe warnings in place they will hide the important warnings in the noise.