I've yet to see a computer science professor with particularly excellent code, either. I run across assignments and example code from courses on a regular basis that fall into the "Never, ever do that" category of programming. Case in point, a relative of mine recently had some questions about a CS programming assignment. Part of the assignment description talked about design patterns and predictably went straight for the Singleton as an example. I'm pretty sure that's the only pattern that about 90% of programmers ever actually learn when reading about design patterns and it's so abused in the industry right now that you can basically never get one past a design review board.
Anywhoo, back in the '90's I worked for a company that was getting a B2 Certification for its operating system. My job basically consisted of reading the entire AT&T C standard library code, finding potential security flaws, writing tests for those flaws and then writing a report with the tests which would be delivered to the NSA. I found the remote buffer overflow in the AT&T telnet daemon a couple years before the same overflow was discovered in the Linux telnet daemon. So the NSA basically outsourced the hard work of finding all those exploits to the companies that were trying to get security certifications. It took three or four guys just a few months to go through all the stuff we had to look at. I'm sure we missed a bit, but I was much more confident in the security of their OS at the end of all that. Too bad they eventually went out of business, were acquired by IBM and their products were killed. You know, progress!