...
This noncompliant example shows a bug in Tomcat version 4.1.24 initially discovered by Reasoning [Reasoning 03]. The `cardinality` method was designed to return the number of occurrences of object `obj` in collection `col`. A valid use of the `cardinality` method is to determine how many objects in the collection are `null`. However, because membership in the collection is checked with the expression `obj.equals(elt)`, a null pointer dereference is guaranteed whenever `obj` is `null`. Such ambiguity can also result from the short-circuit behavior of the conditional AND and OR operators (see EXP06EXP07-J. Be aware of the short-circuit behavior of the conditional AND and OR operators).
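The flaw described above next to one null-safe correction, as an added Java example reconstructed from the description rather than taken from Tomcat's source. The class name, the method name `cardinalityUnsafe`, and the sample list are assumptions made for illustration.

```java
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import java.util.Objects;

public class CardinalityExample {

    // Noncompliant: membership is tested with obj.equals(elt), so a null obj
    // is dereferenced on the first element the loop visits.
    static int cardinalityUnsafe(Object obj, Collection<?> col) {
        int count = 0;
        for (Object elt : col) {
            if (obj.equals(elt)) {
                count++;
            }
        }
        return count;
    }

    // Compliant: Objects.equals treats two nulls as equal and never
    // dereferences a null argument, so counting null entries works.
    static int cardinality(Object obj, Collection<?> col) {
        Objects.requireNonNull(col, "col must not be null");
        int count = 0;
        for (Object elt : col) {
            if (Objects.equals(obj, elt)) {
                count++;
            }
        }
        return count;
    }

    public static void main(String[] args) {
        // Constructed sample input: a list that legitimately holds null entries.
        List<String> sample = Arrays.asList("a", null, "b", null, "a");

        System.out.println("occurrences of \"a\": " + cardinality("a", sample));
        System.out.println("occurrences of null: " + cardinality(null, sample));

        try {
            cardinalityUnsafe(null, sample);
        } catch (NullPointerException e) {
            System.out.println("cardinalityUnsafe(null, ...) threw NullPointerException");
        }
    }
}
```

The explicit `requireNonNull` on `col` turns a null collection into an immediate, named failure at the method boundary instead of an unexplained exception inside the loop.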
...