[lelanthran]

Yeah. A lot of security issues are design issues, not "I reused a buffer for something else" issues.

Fixing design and/or architecture at a high level usually requires a signficant rewrite; sometimes even a switch in technology stacks.