Bug: use of uninitialized value
A new bug has been found. It is in src/sbbs3/scansubs.cpp:
void sbbs_t::scanallsubs(long mode)
{
    char str[256];
    char tmp[512];
    .....
    for(i=0; i<total_subs && !msgabort(); i++) {
        if(mode&SCAN_POLLS)
            progress(text[Scanning], i, total_subs, 10);
        if(scanposts(sub[i],mode,str))
            break;
    }
In the function sbbs_t::scanallsubs, the array str is not initialized in the first place. It may be initialized inside an if branch by getstr(). However, it may not be initialized in the other branch and is then used directly by scanposts(). There, str is written into cmdline by the function safe_snprintf in scanposts():
safe_snprintf(cmdline, sizeof(cmdline), "%s %s %ld %s", cfg.scanposts_mod, cfg.sub[subnum]->code, mode, find);
which may cause arbitrary code execution somehow (I am not sure, but it is definitely a use of an uninitialized value).
Thank you for the review. I also reported this bug to CVE.
Edited by Andrew Bao
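The following is an added example, not code from Synchronet or from the reporter. It models the pattern the report describes (a stack buffer that is filled only when a search flag is set, yet is passed as a "%s" argument on every path) next to a hardened form that makes the buffer a valid empty string before any branch and refuses a truncated command line. Because reading a truly uninitialized array is undefined behaviour, the demo keeps itself deterministic by letting the caller supply the buffer pre-filled with constructed "leftover stack" bytes. The SCAN_FIND value, demo_getstr(), build_cmdline_unsafe(), build_cmdline_safe() and fill_stale() are stand-ins invented for this example.

```c
#include <stdio.h>
#include <string.h>

/* Added example, not Synchronet code. SCAN_FIND is an assumed stand-in value
 * for the real flag; the module and sub-board names are constructed. */
#define SCAN_FIND 0x01

/* Stand-in for getstr(): copies the user's search string into buf.
 * Returns the number of bytes stored, 0 when the user entered nothing. */
static size_t demo_getstr(char *buf, size_t bufsz, const char *input)
{
    if (input == NULL || bufsz == 0)
        return 0;
    size_t n = strlen(input);
    if (n > bufsz - 1)
        n = bufsz - 1;
    memcpy(buf, input, n);
    buf[n] = '\0';
    return n;
}

/* Shape of the reported code: str is written only when SCAN_FIND is set,
 * but is formatted into cmdline on every path. The caller owns str so that
 * the demo reads constructed stale bytes instead of undefined memory. */
int build_cmdline_unsafe(char *str, size_t strsz, int mode, const char *input,
                         char *cmdline, size_t cmdsz)
{
    if (mode & SCAN_FIND)
        demo_getstr(str, strsz, input);
    /* scanposts() does: safe_snprintf(cmdline, ..., "%s %s %ld %s", mod, code, mode, find) */
    return snprintf(cmdline, cmdsz, "%s %s %d %s", "scanposts_mod", "SUB", mode, str);
}

/* Hardened form: str is a valid empty string before any branch, so the
 * non-FIND path formats "" rather than stale bytes, and a command line
 * that would not fit is rejected instead of being run in mangled form. */
int build_cmdline_safe(char *str, size_t strsz, int mode, const char *input,
                       char *cmdline, size_t cmdsz)
{
    if (strsz == 0 || cmdsz == 0)
        return -1;
    str[0] = '\0';
    if (mode & SCAN_FIND)
        demo_getstr(str, strsz, input);
    int n = snprintf(cmdline, cmdsz, "%s %s %d %s", "scanposts_mod", "SUB", mode, str);
    if (n < 0 || (size_t)n >= cmdsz)
        return -1;   /* truncated: refuse rather than hand a partial line to the module */
    return n;
}

/* Fills buf with constructed leftover bytes ('#'), standing in for whatever
 * an earlier call left on the stack. Terminated only so the demo itself
 * stays well defined; real stale stack contents need not be. */
void fill_stale(char *buf, size_t bufsz)
{
    memset(buf, '#', bufsz);
    buf[bufsz - 1] = '\0';
}

int main(void)
{
    char str[256], cmdline[512];

    fill_stale(str, sizeof str);
    build_cmdline_unsafe(str, sizeof str, 0, NULL, cmdline, sizeof cmdline);
    printf("unsafe, no SCAN_FIND: %s\n", cmdline);   /* stale bytes reach the command line */

    fill_stale(str, sizeof str);
    build_cmdline_safe(str, sizeof str, 0, NULL, cmdline, sizeof cmdline);
    printf("safe,   no SCAN_FIND: %s\n", cmdline);   /* empty find argument */

    fill_stale(str, sizeof str);
    build_cmdline_safe(str, sizeof str, SCAN_FIND, "needle", cmdline, sizeof cmdline);
    printf("safe,   SCAN_FIND:    %s\n", cmdline);
    return 0;
}
```

In the real code the fix is the same one-liner before the if branch (an explicit `str[0] = 0;` or `char str[256] = "";`), and the original flaw is the kind that Valgrind or MemorySanitizer reports as a use of uninitialised memory when the non-FIND path is exercised.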