REDUN.EQNULL

A redundant operation is one that does not have any effect, such as

• an assignment of a variable to itself
• use of an expression that will be evaluated to a constant such as a/a
• use of an expression that can be reduced to one operand such as a & a

Even if this is not an error on its own, it may indicate a larger error in the code. A REDUN.EQNULL warning is reported for a suspicious call to equals() with null passed as a parameter. Normally, equals(null) returns false (object is never equal to null).

Example 1

9      public int test() {
10         String s = "String";
11         if (s.equals(null)) {
12             return 1;
13         }
14         return 0;
15     }

REDUN.EQNULL is reported for line 11: Suspicious equals() called with 's' and null (never true).

External guidance

• CWE-570: Expression is Always False
• CWE-476: NULL Pointer Dereference

Security training

Application security training materials provided by Secure Code Warrior.

• Null Dereference Training Video - Test your skills with a training example