...
Some compilers assume that when the address of an uninitialized variable is passed to a function, the variable is initialized within that function. Because compilers frequently fail to diagnose any resulting failure to initialize the variable, the programmer must apply additional scrutiny to ensure the correctness of the code.
Compliant Solution
This defect results from a failure to consider all possible data states. (See See MSC01-C. Strive for logical completeness.) Once the problem is identified, it can be trivially repaired
Compliant Solution
This compliant solution trivially repairs the problem by accounting for the possibility that that number can can be equal to 0.
Although compilers and static analysis tools often detect uses of uninitialized variables when they have access to the source code, diagnosing the problem is difficult or impossible when either the initialization or the use takes place in object code for which the source code is inaccessible. Unless doing so is prohibitive for performance reasons, an additional defense-in-depth practice worth considering is to initialize local variables immediately after declaration.
...