I am only a beginner-level C++ coder, yet I cannot help but be astounded by how many of these missing bounds check vulnerabilities have been discovered in all kinds of software over the years. From Windows to Linux to web browsers to Java to Flash to audio and video players and pretty much everything in between, if it was written in C or C++, there has probably been one of these bugs in it. This is an avoidable mistake. Most of the vulnerabilities that have resulted in mass virus propagations (Nimda, Code Red, and more) and many vulnerabilities resulting in mass data theft have been caused by missing bounds check vulnerabilities exploited by buffer overflows.
All of this software is created by bright people who make stupid little mistakes. A few times I have downloaded open source code and taken a quick look at it, only to be overwhelmed by the number of files contained in the project. Some of the files, like a header file or something, may contain as little as one line of code. Managing code that is scattered among hundreds of different files has to be difficult, doesn't it? How else could one explain bright people making these missing bounds check mistakes?
Is there not a way for C/C++ compilers to do bounds checking and error on compilation? I don't know much about it, but I do know there have been way too many of these vulnerabilities over the years, all of which are preventable. We will never have secure computing as long as these simple little mistakes are allowed to happen. There has to be a better way.