# 3.31 Pointers

## Storage Pointers

There is a security pitfall related to the use of uninitialized storage pointers. Local storage variables that are uninitialized can point to unexpected storage locations within the contract.

This can lead to developers unintentionally modifying the contract state, which can lead to serious vulnerabilities. Given that this is so error-prone, `Solidity` compiler `0.5.0` started disallowing such pointers.

## Function Pointers

There was a security risk in using uninitialized function pointers within constructors of contracts because of a compiler bug that resulted in unexpected behavior.

This compiler bug was present in `Solidity` versions `0.4.5` to `0.4.26` and `0.5.0` to `0.5.7` and has since been fixed.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://secureum.gitbook.io/secureum-book/learn/learn/3_security_pitfalls_and_best_practices/3.31_pointers.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.