Comment by pjmlp

The problem with C to write secure software, it not only the set of language features for numeric, array and pointer manipulation that make it so easy to write exploits.

It is also the long set of compiler specific behaviors, sometimes version specific even, and UB. All of each very hard for a human to keep all the time on its head.

Hence why we have things like static analyzers, MISRA and Frama-C and still falls through the cracks.