...
| Code Block |
|---|
void log_error(char *msg) {
printf("Error: %s\n", msg);
}
...
log_error("Unable to login");
...
|
Priority: P2 Level:
...
L3
Uninitialized variables are relatively unlikely to result in an exploitable vulnerability because most compilers provide warnings when an uninitialized variable is referenced and most programmers take these warnings seriously.
Component | Value |
|---|---|
Severity | 1 (low) |
Likelihood | 1 (unlikely) |
Remediation cost | 2 (highmedium) |
References
- mercy
- ISO/IEC 9899-1999 Section 6.7.8 Initialization