Page History

...

Some standard library vendors, such as libstdc++, throw a std::logic_error when a null pointer is used in the above function calls, though not when calling std::char_traits::length(). However, std::logic_error is not a requirement of the C++ Standard, and some vendors (e.g., libc++ and the Microsoft Visual Studio STL, for example) do not implement this behavior. For portability, you should not rely on this behavior.

...

In this compliant solution, the results from the call to std::getenv() are checked for null before the std::string object is constructed:.

Code Block

bgColor	#ccccff
lang	cpp

#include <cstdlib>
#include <string>
 
void f() {
  const char *tmpPtrVal = std::getenv("TMP");
  std::string tmp(tmpPtrVal ? tmpPtrVal : "");
  if (!tmp.empty()) {
    // ...
  }
}

...

Dereferencing a null pointer is undefined behavior, typically abnormal program termination. In some situations, however, dereferencing a null pointer can lead to the execution of arbitrary code [Jack 2007], [van Sprundel 2006]. The indicated severity is for this more severe case; on platforms where it is not possible to exploit a null pointer dereference to execute arbitrary code, the actual severity is low.

Rule	Severity	Likelihood

Remediation Cost

Detectable	Repairable	Priority	Level
STR51-CPP	High	Likely

Medium

No

Yes

P18

L1

Automated Detection

Tool	Version	Checker	Description

Astrée

Include Page

	Astrée_V
	Astrée_V

assert_failure

CodeSonar

Include Page

	CodeSonar_V
	CodeSonar_V

LANG.MEM.NPD

Null Pointer Dereference

Helix QAC

Include Page

	Helix QAC_V
	Helix QAC_V

DF4770, DF4771, DF4772, DF4773, DF4774

Klocwork

Include Page

	Klocwork_V
	Klocwork_V

NPD.CHECK.CALL.MIGHT
NPD.CHECK.CALL.MUST
NPD.CHECK.MIGHT
NPD.CHECK.MUST
NPD.CONST.CALL
NPD.CONST.DEREF
NPD.FUNC.CALL.MIGHT
NPD.FUNC.CALL.MUST
NPD.FUNC.MIGHT
NPD.FUNC.MUST
NPD.GEN.CALL.MIGHT
NPD.GEN.CALL.MUST
NPD.GEN.MIGHT
NPD.GEN.MUST
RNPD.CALL
RNPD.DEREF