Example for Initialization Analysis

class Test {
    static void test(int p) {
	int n;
	p = p - 1;
	if (p > 0) {
	    n = 100;
	while (n != 0) {
	    n = n - p;

What does compiler do with the above program?

Corrected program:

We would like variables to be initialized on all execution paths. Otherwise, the program execution could be undesirable affected by the value that was in the variable initially:

  • junk value that was there in the memory
  • a value that an attacker purposely put into memory, especially in the presence of

A tool that checks PHP errors, including initialization: Phantm