I'm guilty of similar.
"What the hell were you thinking?"
answer about thinking about security by design
"clearly not, since I can overflow your input right here."
but you shouldn't do that
"and your code shouldn't roll over and die just because of malformed input!"
That landed me in a meeting about sensitivity.
Mind you, this was a public facing API I was criticizing and the dev had rejected the bug I filed on it for this reason.