Rust
I just knew if I left the reference to Rust in, we'd get dinged on it. I've just decided to take that sentence out rather than argue at length over it. We wrote at the end, regarding the BadAlloc hole in QNX:
"Such bugs explain why the Rust programming language, capable of memory-safety and type-safety, has become popular in recent years at companies like AWS, Google, and Microsoft."
Would Rust have prevented this specific bug? Maybe, depending on how it was used. You could use Rust's checked math operations that catch overflows, if you remember to use them; debug mode has them on by default. If the overflow is in a separate C lib, you're out of luck.
Is it a good idea to use Rust to avoid similar memory bugs - like what Google, AWS, and others are doing - yes. We mentioned Rust in a general sense because at least some devs look at bugs like BadAlloc, think, 'there but for the grace of God, go I' and opt to use Rust to minimize similar, related flaws to improve the quality of their shipped code.
C.