For example, I find Annex K of C11 worthless as a solution for memory corruption, because the functions still require keeping track of a separate pointer and size, while making sure they match. And the Annex is optional anyway.
However, the OpenBSD coding guidelines do look quite good:
Also, they ripped out a bunch of what they called "exploit mitigation countermeasures" in OpenSSL's memory allocation code.