SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 63

changes.mady.by.user Tracey Tamules

Saved on

compared with

New Version 64

changes.mady.by.user Tracey Tamules

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
bgColor#ccccff
public static int cardinality(Object obj, final Collection col) {
  int count = 0;
  Iterator it = col.iterator();
  while (it.hasNext()) {
    Object elt = it.next();
    if ((null == obj && null == elt) || 
        (null != obj && obj.equals(elt))) {
      count++;
    }
  }
  return count;
}

Automated Detection

Wiki Markup
Null pointer dereferences can happen in path-dependent ways. Limitations of automatic detection tools can require manual inspection of code \[[Hovemeyer 2007|AA. Bibliography#Hovemeyer 07]\] to detect instances of null pointer dereferences. Annotations for method parameters that must be non-null can reduce the need for manual inspection by assisting automated null pointer dereference detection.

Risk Assessment

Wiki Markup
Dereferencing a {{null}} pointer can lead to a denial of service. For example, Java Web Start applications and applets particular to JDK version 1.6, prior to update 4, were affected by a bug that had some noteworthy security consequences. A {{NullPointerException}} was generated in some isolated cases when the application or applet attempted to establish an HTTPS connection with a server \[[SDN 2008|AA. Bibliography#SDN 08]\]. The failure to establish a secure HTTPS connection with the server caused a denial of service: clients were temporarily forced to use an insecure http channel for data exchange. In multithreaded programs, null pointer dereferences can violate cache coherency policies and can cause resource leaks.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

EXP08-J

low

likely

high

P3

L3

Automated Detection

Wiki Markup
Null pointer dereferences can happen in path-dependent ways. Limitations of automatic detection tools can require manual inspection of code \[[Hovemeyer 2007|AA. Bibliography#Hovemeyer 07]\] to detect instances of null pointer dereferences. Annotations for method parameters that must be non-null can reduce the need for manual inspection by assisting automated null pointer dereference detection.

The Coverity Prevent Version 5.0 FORWARD_NULL checker can detect the instance where reference is checked against null but then dereferenced anyway.

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="adaf31eda8d7d10d-def68f8a-4c6a4409-be6fb33e-d0521f6758f22960d528de33"><ac:plain-text-body><![CDATA[

[[API 2006

AA. Bibliography#API 06]]

[method doPrivileged()

http://java.sun.com/javase/6/docs/api/java/security/AccessController.html#doPrivileged(java.security.PrivilegedAction)]

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="7fe80f9648cc0fd4-6229b88b-4fd148e4-accf8c66-643afbb5c1d37215173fae67"><ac:plain-text-body><![CDATA[

[[Hovemeyer 2007

AA. Bibliography#Hovemeyer 07]]

 

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="a5b490865ab1d60d-43589097-43d34a1b-b5a49b88-def7394d0735a4afdb044513"><ac:plain-text-body><![CDATA[

[[Reasoning 2003

AA. Bibliography#Reasoning 03]]

Defect ID 00-0001

]]></ac:plain-text-body></ac:structured-macro>

 

Null Pointer Dereference

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="f1abb38ffc6dbd79-ea1ea9a1-45764365-ac239f1c-782845b878c8cb34b01f243c"><ac:plain-text-body><![CDATA[

[[SDN 2008

AA. Bibliography#SDN 08]]

[Bug ID 6514454

http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6514454]

]]></ac:plain-text-body></ac:structured-macro>

...