SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 81

changes.mady.by.user Robert Seacord

Saved on

compared with

New Version 82

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

EXP01-EX0: A method may dereference an object parameter without testing it for null if the method documents that it throws a NullPointerException.

EXP01-EX1: Private methods may dereference an object parameter without testing it for null. This is permitted because anyone with the ability to invoke the method can also access its source code to see that it might throw NullPointerException.

Risk Assessment

Dereferencing a null pointer can lead to a denial of service. In multithreaded programs, null pointer dereferences can violate cache coherency policies and can cause resource leaks.

...

CERT C Secure Coding Standard

EXP34-C. Do not dereference null pointers

CERT C++ Secure Coding Standard

EXP34-CPP. Ensure a null pointer is not dereferenced

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="504c3a7ecaa3c192-03439959-4dd449ae-b1438c0d-ddea640e6137117f76576469"><ac:plain-text-body><![CDATA[

[ISO/IEC TR 24772:2010

http://www.aitcnet.org/isai/]

Null Pointer Dereference [XYH]

]]></ac:plain-text-body></ac:structured-macro>

MITRE CWE

CWE-476. NULL pointer dereference

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="bbc11aa58af13f7f-3b36a626-415943e2-bddf8140-d1761fc777daa79f5f6ebd46"><ac:plain-text-body><![CDATA[

[[API 2006

AA. References#API 06]]

[Method doPrivileged()

http://java.sun.com/javase/6/docs/api/java/security/AccessController.html#doPrivileged(java.security.PrivilegedAction)]

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="7ff0b49736cd5fba-456636d9-4f39476e-aa60919c-4df9bba94732dd3c5327476c"><ac:plain-text-body><![CDATA[

[[Hovemeyer 2007

AA. References#Hovemeyer 07]]

 

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="e4eff38f8a371933-9b4b6265-4a4d4f27-b75b8a61-89257f23352b45b41a8143ca"><ac:plain-text-body><![CDATA[

[[Reasoning 2003

AA. References#Reasoning 03]]

Defect ID 00-0001

]]></ac:plain-text-body></ac:structured-macro>

 

Null Pointer Dereference

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="75df48dfe8b10bd7-d7e4048d-4e224385-8d029e02-97b807edaebb2fc81391b582"><ac:plain-text-body><![CDATA[

[[SDN 2008

AA. References#SDN 08]]

[Bug ID 6514454

http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6514454]

]]></ac:plain-text-body></ac:structured-macro>

...