Unitialized data is referenced in 'b2PolygonShape::Set'.

[charlie5]

The 'ps' array of 'b2Vec2' is not initialized and has no default constructor. This will lead to random data being fed to 'b2DistanceSquared'.

void b2PolygonShape::Set(const b2Vec2* vertices, int32 count)
    {
      b2Assert(3 <= count && count <= b2_maxPolygonVertices);
      if (count < 3)
      {
        SetAsBox(1.0f, 1.0f);
         return;
      }
   
      int32 n = b2Min(count, b2_maxPolygonVertices);
   
       // Perform welding and copy vertices into local buffer.
      b2Vec2 ps[b2_maxPolygonVertices];     // *** ps array declared here ***
      int32 tempCount = 0;
      for (int32 i = 0; i < n; ++i)
      {
         b2Vec2 v = vertices[i];
   
         bool unique = true;
         for (int32 j = 0; j < tempCount; ++j)
         {
            if (b2DistanceSquared(v, ps[j]) < ((0.5f * b2_linearSlop) * (0.5f * b2_linearSlop)))     // *** ps has not been initialized yet ***
            {
               unique = false;
               break;
            }
         }
   
         if (unique)
         {
            ps[tempCount++] = v;
         }
      }

[kritma]

int32 tempCount = 0
so "for (int32 j = 0; j < tempCount; ++j)"
is skipped and ps initialized later
if (unique)
{
ps[tempCount++] = v;
}

[erincatto]

Closing out v2 issues since it is no longer supported.