Null pointer dereferencing occurs when a null variable is treated as if it were a valid object reference and used without checking its state. This condition results in a NullPointerException, which can also result in denial of service. Consequently, null pointers must never be dereferenced.
Noncompliant Code Example
...
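```java
import java.util.Collection;
import java.util.Iterator;

// Counts the elements of col that are equal to obj; a null obj matches null elements.
public static int cardinality(Object obj, final Collection col) {
  int count = 0;
  Iterator it = col.iterator();
  while (it.hasNext()) {
    Object elt = it.next();
    // obj.equals() is called only after obj has been confirmed non-null
    if ((null == obj && null == elt) || (null != obj && obj.equals(elt))) {
      count++;
    }
  }
  return count;
}
```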
Explicit null checks as shown here are an acceptable approach to eliminating null pointer dereferences.
...
Null pointer dereferences can happen in path-dependent ways. Limitations of automatic detection tools can require manual inspection of code [Hovemeyer 2007] to detect instances of null pointer dereferences. Annotations for method parameters that must be non-null can reduce the need for manual inspection by assisting automated null pointer dereference detection; use of these annotations is strongly encouraged.
The Coverity Prevent Version 5.0 FORWARD_NULL checker can detect the instance where a reference is checked against null but then dereferenced anyway.
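The path dependence described above, as an added example that is not code from the original page: cardinalityFlawed is a constructed variant of the method shown earlier with the second null check omitted, so it compares obj with null and then dereferences it anyway. The class name, the sample inputs and the Objects.requireNonNull guard on col are assumptions of this example.

```java
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import java.util.Objects;

public class NullPathDemo {

    // Constructed flawed variant: obj is compared with null, then dereferenced
    // on the path where obj == null and elt != null.
    static int cardinalityFlawed(Object obj, Collection<?> col) {
        int count = 0;
        for (Object elt : col) {
            if ((null == obj && null == elt) || obj.equals(elt)) {
                count++;
            }
        }
        return count;
    }

    // Checked form: obj.equals() is reached only when obj is non-null.
    static int cardinalityChecked(Object obj, Collection<?> col) {
        Objects.requireNonNull(col, "col"); // assumption: reject a null collection up front
        int count = 0;
        for (Object elt : col) {
            if ((null == obj && null == elt) || (null != obj && obj.equals(elt))) {
                count++;
            }
        }
        return count;
    }

    public static void main(String[] args) {
        // Constructed inputs: the same null obj, two different collections.
        List<String> onlyNulls = Arrays.asList(null, null);
        List<String> mixed = Arrays.asList(null, "a", null);

        // Path 1: every element is null, so obj.equals() is never evaluated.
        System.out.println("flawed, only nulls: " + cardinalityFlawed(null, onlyNulls));
        // Path 2: the first non-null element reaches obj.equals() with obj == null.
        try {
            cardinalityFlawed(null, mixed);
        } catch (NullPointerException e) {
            System.out.println("flawed, mixed: NullPointerException");
        }
        System.out.println("checked, mixed, null obj: " + cardinalityChecked(null, mixed));
        System.out.println("checked, mixed, \"a\": " + cardinalityChecked("a", mixed));
    }
}
```

A test suite that only passes all-null or all-matching collections exercises the first path and never triggers the fault, which is why the page points to manual inspection and annotation-assisted analysis.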
Related Vulnerabilities
Java Web Start applications and applets particular to JDK version 1.6, prior to update 4, were affected by a bug that had some noteworthy security consequences. In some isolated cases, the application or applet's attempt to establish an HTTPS connection with a server generated a NullPointerException [SDN 2008]. The resulting failure to establish a secure HTTPS connection with the server caused a denial of service. Clients were temporarily forced to use an insecure HTTP channel for data exchange.
...
ISO/IEC TR 24772:2010 (http://www.aitcnet.org/isai/), "Null Pointer Dereference [XYH]"
CWE-476, "NULL Pointer Dereference"
Bibliography
[API 2006] Method doPrivileged() (http://java.sun.com/javase/6/docs/api/java/security/AccessController.html#doPrivileged(java.security.PrivilegedAction))
[Hovemeyer 2007]
[Reasoning 2003] Defect ID 00-0001, Null Pointer Dereference
[SDN 2008] Bug ID 6514454 (http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6514454)
...