Not technically my code, and that's the part I don't know how to fix. I used every security technique I knew of back then, including extensive unit tests, manual auditing, malloc debuggers (including Electric Fence), and pretty much every open source tool that was well-known in 2000. I'm sure a modern fuzzer could find some errors, particularly integer overflows, because this was 32-bit code and I didn't understand some modern exploitation tricks.

But as hard as I tried, I still failed, because I relied on 3rd-party code (by an extremely talented programmer), and he made mistakes. Perfection is not a scalable strategy.