...
This non-compliant code example reuses the msg identifier twice: at the start of the program compilation unit (with file scope) and also local to the report_error() function. Consequently, the programmer unintentionally copies a string to the locally declared msg array within the report_error() function, failing to initialize the assign global variable and resulting in a potential buffer overflow.
...