as retarded as systemd is, errata is a mental midget. none of the things he mentioned are security bugs, their're are coding styles that might possibly lead to security bugs. their're are not inherently bad and are widely used in more or less any non-trivial C codebase. rob might want to restrict himself to an autistic subset of C but it doesn't mean that anyone not doing that is doing security badly