Comment: changed the NCEs/CSs

Sometimes null is returned intentionally to account for zero available instances. This practice can lead to vulnerabilities when the client code does not explicitly handle the null return case.

Noncompliant Code Example

This noncompliant code example returns null instead of an ArrayList when the list would be zero-length. The class Inventory contains a getStock() method that constructs a list of the items that have zero inventory and returns that list to the caller. When the size of this list is zero, null is returned on the assumption that the client will install the necessary checks. Here, the client omits the check, causing a NullPointerException at runtime.

Code Block
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.List;

class Inventory {
  private final Hashtable<String, Integer> items;

  public Inventory() {
    items = new Hashtable<String, Integer>();
  }

  // Builds the list of item names whose inventory is zero.
  public List<String> getStock() {
    List<String> l = new ArrayList<String>();
    Enumeration<String> e = items.keys();
    while (e.hasMoreElements()) {
      String key = e.nextElement();
      if (items.get(key) == 0) {
        l.add(key);
      }
    }

    if (l.isEmpty()) {
      return null; // null instead of a zero-length list
    } else {
      return l;
    }
  }
}

public class Client {
  public static void main(String[] args) {
    Inventory iv = new Inventory();
    List<String> items = iv.getStock();
    System.out.println(items.size()); // throws a NullPointerException
  }
}

Compliant Solution

...

This compliant solution eliminates the null return and simply returns the List, even if it is zero-length. The client can handle this situation without being interrupted by runtime exceptions. When arrays are returned instead of collections, care must be taken so that the client does not access individual elements of a zero-length array, such as item[1].

Code Block
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.List;

class Inventory {
  private final Hashtable<String, Integer> items;

  public Inventory() {
    items = new Hashtable<String, Integer>();
  }

  // Builds the list of item names whose inventory is zero.
  public List<String> getStock() {
    List<String> l = new ArrayList<String>();
    Enumeration<String> e = items.keys();
    while (e.hasMoreElements()) {
      String key = e.nextElement();
      if (items.get(key) == 0) {
        l.add(key);
      }
    }
    return l; // returns a zero-length ArrayList rather than null
  }
}

public class Client {
  public static void main(String[] args) {
    Inventory iv = new Inventory();
    List<String> items = iv.getStock();
    System.out.println(items.size()); // prints 0, no NullPointerException
  }
}

Compliant Solution

This compliant solution returns an empty-list which is an equivalent, permissible technique.

Code Block
import java.util.ArrayList;
import java.util.Collections;
import java.util.Enumeration;
import java.util.List;

// Replaces getStock() in the Inventory class above; items is that class's
// Hashtable<String, Integer> field.
public List<String> getStock() {
  List<String> l = new ArrayList<String>();
  Enumeration<String> e = items.keys();
  while (e.hasMoreElements()) {
    String key = e.nextElement();
    if (items.get(key) == 0) {
      l.add(key);
    }
  }
  if (l.isEmpty()) {
    // Type-safe form of Collections.EMPTY_LIST: a shared, unmodifiable empty list
    return Collections.emptyList();
  } else {
    return l;
  }
}
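The following added example (not code from the original page) exercises both compliant solutions from the client's side with a populated inventory and shows one caveat of the empty-list variant: the shared list from Collections.emptyList() is unmodifiable. The class StockCheck, its put() helper and the item names are constructed for this illustration.

```java
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

// Hypothetical inventory used for the illustration; not the page's Inventory class.
public class StockCheck {
  private final Map<String, Integer> items = new HashMap<String, Integer>();

  public StockCheck put(String name, int quantity) {
    items.put(name, quantity);
    return this;
  }

  // Returns the names of items with zero inventory; never returns null.
  public List<String> getStock() {
    List<String> out = new ArrayList<String>();
    for (Map.Entry<String, Integer> entry : items.entrySet()) {
      if (entry.getValue() == 0) {
        out.add(entry.getKey());
      }
    }
    return out.isEmpty() ? Collections.<String>emptyList() : out;
  }

  public static void main(String[] args) {
    StockCheck full = new StockCheck().put("bolts", 12).put("nuts", 3);
    StockCheck partial = new StockCheck().put("bolts", 0).put("nuts", 3);

    // The client needs no null check: an empty result simply loops zero times.
    for (String name : full.getStock()) {
      System.out.println("Out of stock: " + name);   // never printed
    }
    for (String name : partial.getStock()) {
      System.out.println("Out of stock: " + name);   // prints bolts
    }
    System.out.println(full.getStock().size());      // 0, no NullPointerException

    // Caveat: Collections.emptyList() is read-only, so a client that wants to
    // append to the result must copy it into its own list first.
    List<String> copy = new ArrayList<String>(full.getStock());
    copy.add("washers");                             // allowed on the copy
    try {
      full.getStock().add("washers");
    } catch (UnsupportedOperationException e) {
      System.out.println("shared empty list is unmodifiable");
    }
  }
}
```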

Risk Assessment

Returning null rather than a zero-length array may lead to vulnerabilities when the client code does not handle null properly.

...