...
This non-compliant code example reuses declares the msg identifier twice: at the start of the compilation unit (with file scope) and also reuses the same identifier to declare a character array local to the report_error() function. Consequently, the programmer unintentionally copies a string to the locally declared msg array within the report_error() function, failing to initialize the assign global variable and resulting in a potential buffer overflow.
...