mostly its with indexes. Ie:
Code:
int test[10];
for (int i=0; i < 10; i++)
test[i]=-1;
// and this is bad
test[i] = 0; // means i = 10 , ouch
Or simply having a bigger content in a char then possible:
Code:
char msg[10];
// this 11 characters + carriage return! (so needs 12)
sprintf(msg, "Hello world\n");
its within all these little obvious things. Easy to overlook. Perhaps you can use assert to track down suspecious variables.