Null pointer dereferencing occurs when a null variable is treated as if it were a valid object reference and used without checking its state. This condition results in a NullPointerException, which can also result in denial of service. Consequently, null pointers must never be dereferenced.
Noncompliant Code Example
...
```java
import java.util.Collection;
import java.util.Iterator;

// Counts how many elements of col are equal to obj. A null obj is a valid
// query: it matches null elements, and obj.equals() is only invoked after
// obj has been confirmed non-null, so no null pointer is ever dereferenced.
public static int cardinality(Object obj, final Collection col) {
  int count = 0;
  Iterator it = col.iterator();
  while (it.hasNext()) {
    Object elt = it.next();
    if ((null == obj && null == elt) ||
        (null != obj && obj.equals(elt))) {
      count++;
    }
  }
  return count;
}
```
Explicit null checks, as shown here, are an acceptable approach to eliminating null pointer dereferences.
...
Null pointer dereferences can happen in path-dependent ways. Limitations of automatic detection tools can require manual inspection of code [Hovemeyer 2007] to detect instances of null pointer dereferences. Annotations for method parameters that must be non-null can reduce the need for manual inspection by assisting automated null pointer dereference detection; use of these annotations is strongly encouraged.
The Coverity Prevent Version 5.0 FORWARD_NULL checker can detect the instance where a reference is checked against null but then dereferenced anyway.
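As an added illustration (not code from the original page), the following contrasts the path-dependent pattern a FORWARD_NULL checker flags, where a reference is compared against null on one path and then dereferenced unconditionally, with a version in which every path handles the null case explicitly. The `Request` type and the `describe*` methods are hypothetical names chosen for this example.

```java
public final class NullCheckDemo {

    // Constructed sample type used only for this example.
    static final class Request {
        final String user;
        Request(String user) { this.user = user; }
    }

    // Pattern a FORWARD_NULL checker flags: req is tested against null, so
    // the analyser knows it may be null, yet it is dereferenced a few lines
    // later regardless of the outcome of that test. The check gives a false
    // sense of safety; the null case still reaches req.user.
    static String describeNoncompliant(Request req) {
        String prefix = "request";
        if (req == null) {
            prefix = "missing request";
        }
        return prefix + " from " + req.user.trim(); // NPE when req == null
    }

    // Hardened form: the null case is resolved on its own path and never
    // reaches a dereference, and the nullable field is checked as well.
    static String describeCompliant(Request req) {
        if (req == null) {
            return "missing request";
        }
        String user = (req.user == null) ? "<anonymous>" : req.user.trim();
        return "request from " + user;
    }

    public static void main(String[] args) {
        System.out.println(describeCompliant(new Request("  alice ")));
        System.out.println(describeCompliant(new Request(null)));
        System.out.println(describeCompliant(null));
        try {
            describeNoncompliant(null);
        } catch (NullPointerException e) {
            System.out.println("latent NPE despite the earlier null check");
        }
    }
}
```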
Related Vulnerabilities
Java Web Start applications and applets particular to JDK version 1.6, prior to update 4, were affected by a bug that had some noteworthy security consequences. In some isolated cases, the application or applet's attempt to establish an HTTPS connection with a server generated a NullPointerException [SDN 2008]. The resulting failure to establish a secure HTTPS connection with the server caused a denial of service: clients were temporarily forced to use an insecure HTTP channel for data exchange.
...
- ISO/IEC TR 24772:2010 (http://www.aitcnet.org/isai/): "Null Pointer Dereference [XYH]"
- CWE-476: "NULL Pointer Dereference"
Bibliography
- [API 2006] Method doPrivileged(), http://java.sun.com/javase/6/docs/api/java/security/AccessController.html#doPrivileged(java.security.PrivilegedAction)
- [Hovemeyer 2007]
- [Reasoning 2003] Defect ID 00-0001, "Null Pointer Dereference"
- [SDN 2008] Bug ID 6514454, http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6514454
...