Developers probably check the code, but if they are all conspiring together across companies we are likely fucked unless some random guy happens to be looking and notices.
Anyway, the real issue is that you can apparently make $50-100k for an exploitable bug, so there's quite an incentive for individual developers to put them in or otherwise not report them.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds