...
If an object that has automatic storage duration is not initialized explicitly, its value is indeterminate.
(See also undefined behavior 11 in Annex J.)
In the common case of local, automatic variables being stored on the program stack, their values default to whichever values are currently stored in stack memory.
...
Uninitialized automatic variables or dynamically allocated memory has indeterminate value, which for objects of some types can be a trap representation. Reading uninitialized memory is undefined behavior (see undefined behavior 10 and undefined behavior 12 in Annex J of the C Standard); it can cause a program to behave in an unexpected manner and provide an avenue for attack. In many cases, compilers issue a warning diagnostic message when reading uninitialized variables. See MSC00-C. Compile cleanly at high warning levels for more information.
...
In this noncompliant code example, the function mbrlen() is passed the address of an automatic mbstate_t object that has not been properly initialized. This is undefined behavior 200 because mbrlen() dereferences and reads its third argument. See undefined behavior 200 in Annex J of the C Standard.
| Code Block | ||||
|---|---|---|---|---|
| ||||
#include <string.h>
#include <wchar.h>
void func(const char *mbs) {
size_t len;
mbstate_t state;
len = mbrlen(mbs, strlen(mbs), &state);
}
|
...
The realloc() function changes the size of a dynamically allocated memory object. The initial size bytes of the returned memory object are unchanged, but any newly added space is uninitialized, and its value is indeterminate. As in the case of malloc(), accessing memory beyond the size of the original object results in undefined behavior. See undefined behavior 181 in Annex J of the standard.
It is the programmer's responsibility to ensure that any memory allocated with malloc() and realloc() is properly initialized before it is used.
...