I see it the other way round. People hurt themselves by using C++. C++ fans will never understand it, but it you can solve your problem in a much simpler way, this is far better.
Contrary to C standard library, all C++ compilers have provided safe versions of their standard libraries, predating C++98, enabled in debug mode.
Even if non standard, all major C++ compiler vendors have provided similar features on their standard library, and is now officially supported in C++26.
I have debugged enough C memory corruption issues with strings and arrays, that I would thought by now WG14 would actually care to fix the root cause, 40 years in.
The C standard library does not have containers, so I do not see how this sentence makes any sense. The reality is that C++ STL is in practice not really safer than C arrays, and although you can activate bounds checking, there remain many gotchas. But I am happy to see that bounds checking is now becoming official with C++26. For C arrays you get bounds checking in practice with -fsanitize=bounds. For containers, you would need a library in C that does bounds checking. So in both languages it is possible to get bounds checking if you want to.
A compiler extension only available in clang is not C, so nope, there is no solution available in ISO C, and apparently never will be one.
Also to note that said extension only exists because Apple did the work WG14 did not bothered to do for the last 40 years, and as way to improve interop with safe Swift.
- "All" C libraries use some form of namespacing (the typical mylib_dosomething kind of name); actual namespaces mean you don't write these prefixes over and over again when in the same namespace
- "Most" C projects do basic OOP, many C projects even do inheritance via composition and a fair few of these do virtual dispatch too
- Templates (esp. since C++20), lambda functions, overloads and more recently coroutines (which are fancy FSM in their impl), etc. reduce boilerplate a lot
- Containers (whether std:: or one's own) are far easier to work with in C++, a lot less boilerplate overall (GDB leveraged this during their migration iirc)
- string_view makes non-destructive substring manipulation a lot easier; chrono literals (in application code) make working with durations a lot more readable too
In the past decade or two, major projects like GCC and GDB have migrated from C to C++.
Obviously, C retains advantages over C++, but they are fairly limited: faster build times, not having to worry about exposing "extern C" interface in libraries, not having to worry about controversial features like exceptions and (contextually) magic statics and so on...
It offers us safety features for arrays and strings, that apparently WG14 will never add to C.
Didn't so in 40 years, and still remains to be seen what will be done with the current trend of cybersecurity laws.
Then there is the whole basic stuff like proper namespaces instead of the ridiculous prefix convention.
This from a point of view of C++ ARM defacto standard back in the 1990's, not even considering anything else.
I see more possibilities for people to hurt themselves using C than C++, since 1993 when I added C++ to my toolbox.