> libpurple suffers from very poor code quality, leading to tons of exploitable vulnerabilities. Just as you would expect when writing C parsers for lots of complicated protocols.

Is this your personal feeling or do you have something to back this up? A quick look at the source code suggests it's basically like any other glib based program.