My main goal has been to avoid undefined behavior and security vulnerabilities. People would deem this impossible with C for practical purposes, but I think it's just a matter of responsibility, discipline and devotion. I've done extensive error checking, taken all compiler warnings seriously and employed security recommendations like the usage of goto chains. There's of course still a lot of room for improvement and certainly numerous bugs, but one small step at a time...
I'm moving from full-stack web development to system, application, low-level or embedded programming of some mission criticality. If you have a vacancy and see potential for a good cooperation, please drop me a line, my e-mail address is on my Github. I'm based in Berlin, Germany and willing to relocate across continents.
If any discussion arises I will be available in the European afternoon to address your questions.
When do you reach the point of saying "ok, that's enough discipline and devotion" and how do you know that what you've done is indeed enough?
Is there a study on "subjective quality of software written in C vs number of actual security vulnerabilities"? I think that would help shed some light on the real world implications of that particular mindset many C programmers tend to have :)
