NPE.COND

A NullPointerException is thrown in case of an attempt to dereference a null value. The dereference may be a function call, a read or write of a field, or an array access. An NPE.COND error is reported for a local variable being dereferenced if it was checked for null earlier, and the check confirmed that its value might be null.

Example 1

15
16
17
18
19
20
21
22
23
24
     static void printPoint(Point p) {
         if (p == null) {
             System.err.println("p is null");
         }
         if (p.x < 0 || p.y < 0) {
             System.out.println("Invalid point");
             return;
         }
         System.out.println(p);
     }

NPE.COND is reported for line 19 since 'p' is dereferenced there, and 'p' could be null due to the check on line 16.

Related checkers

• NPE.CONST
• NPE.RET
• NPE.RET.UTIL
• NPE.STAT

External guidance

• CWE-476: NULL Pointer Dereference

Security training

Application security training materials provided by Secure Code Warrior.

• Null Dereference Training Video - Test your skills with a training example

Extension

This checker can be extended through the Klocwork knowledge base. See Tuning Java analysis for more information.