Security is the concern, not necessarily safety or availability (the software may be allowed to fail in certain ways).
Here are some defensive programming techniques: If existing code is tested and known to work, reusing it may reduce the chance of bugs being introduced.
When considering using existing source code, a quick review of the modules(sub-sections such as classes or functions) will help eliminate or make the developer aware of any potential vulnerabilities and ensure it is suitable to use in the project.
Many software products have experienced problems with old legacy source code; for example: Notable examples of the legacy problem: Malicious users are likely to invent new kinds of representations of incorrect data.
All code is insecure until proven otherwise - while a slight misnomer, does a good job reminding us to never assume our code is secure as bugs or undefined behavior may expose the project or system to attacks such as common SQL injection attacks.