"Leap year bugs can be found anywhere, in any language, but are most dangerous in C / C++ code, where they can cause application crashes or buffer overflows (which are a security risk)," he notes.
Code that involves adding or subtracting years in C/C++ and declaring an array of values for each day of the year are both susceptible to leap-year issues, he says.
February 29 isn't the only day affected by leap year. December 31, which is the 366th day of the year, can be, too, Johnson reminds devs. Devs need to scrutinize their code; learn how to "mock th clock" in their unit tests; and test year-round, not just before leap years, he advises.