...
Noncompliant Code Example
Wiki Markup cardinality}} method was designed to return the number of occurrences of object {{obj}} in collection {{col}}. One valid use of the {{cardinality}} method is to determine how many objects in the collection are {{null}}. However, because membership in the collection is checked using the expression {{obj.equals(elt)}}, a null pointer dereference is guaranteed whenever {{obj}} is {{null}} and {{elt}} is not {{null}}.
| Code Block | ||
|---|---|---|
| ||
public static int cardinality(Object obj, final Collection col) {
int count = 0;
if (col == null) {
return count;
}
Iterator it = col.iterator();
while (it.hasNext()) {
Object elt = it.next();
if ((null == obj && null == elt) || obj.equals(elt)) { // null pointer dereference
count++;
}
}
return count;
}
|
...
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
EXP01-J | low | likely | high | P3 | L3 |
Automated Detection
...
Null pointer dereferences can happen in path-dependent ways. Limitations of automatic detection tools can require manual inspection of code \ [[Hovemeyer 2007|AA. References#Hovemeyer 07]\] to detect instances of null pointer dereferences. Annotations for method parameters that must be non-null can reduce the need for manual inspection by assisting automated null pointer dereference detection; use of these annotations is strongly encouraged.
Related Vulnerabilities
...
Java Web Start applications and applets particular to JDK version 1.6, prior to update 4, were affected by a bug that had some noteworthy security consequences. In some isolated cases, the application or applet's attempt to establish an HTTPS connection with a server generated a {{NullPointerException}} \[ [SDN 2008|AA. References#SDN 08]\]. The resulting failure to establish a secure HTTPS connection with the server caused a denial of service. Clients were temporarily forced to use an insecure HTTP channel for data exchange.
Related Guidelines
EXP34-CPP. Ensure a null pointer is not dereferenced<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="4582d625-bbbc-43bc-81d0-58bdb9c0fc96"><ac:plain-text-body><![CDATA[ | |
[ISO/IEC TR 24772:2010http://www.aitcnet.org/isai/] | Null Pointer Dereference [XYH] ] ]></ac:plain-text-body></ac:structured-macro> |
CWE-476. NULL pointer dereference |
Bibliography
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="9d9a2f25-ccb4-449a-93cb-8ac62897c753"><ac:plain-text-body><![CDATA[ | [[API 2006AA. References#API 06] ] | http://java.sun.com/javase/6/docs/api/java/security/AccessController.html#doPrivileged(java.security.PrivilegedAction)] | ]]></ac:plain-text-body></ac:structured-macro> | <ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="db8547e3-db6e-411f-8fe2-bc06cdff8fd3"><ac:plain-text-body><![CDATA[ | |
[[Hovemeyer 2007AA. References#Hovemeyer 07] ] |
| ]]></ac:plain-text-body></ac:structured-macro> | <ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="edb36d9e-e159-4d48-be9d-ed7aaf6af36c"><ac:plain-text-body><![CDATA[ | ||
[ [Reasoning 2003AA. References#Reasoning 03]] | Defect ID 00-0001 ]]></ac:plain-text-body></ac:structured-macro> | ||||
| Null Pointer Dereference <ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="d5d30a5c-38d4-45d3-a018-46db48e06c68"><ac:plain-text-body><![CDATA[ | ||||
[ [SDN 2008AA. References#SDN 08]] | [Bug ID 6514454http://bugs.sun.com/bugdatabase/view_bug.do?bug_id= 6514454] |
...
02. Expressions (EXP) EXP02-J. Use the two-argument Arrays.equals() method to compare the contents of arrays