CS.CMP.VAL.NULL
An entity whose type is a type parameter without a reference constraint in a generic type is compared with 'null'.
Vulnerability and risk
If a type parameter in a generic type has no reference constraint (where T : class), it can be substituted with a value type. When it is, a comparison of that entity with 'null' has a constant result: '== null' is always false and '!= null' is always true. The check is therefore dead code, any branch that handles the null case is unreachable, and the comparison usually signals that the author assumed the parameter would only ever be a reference type. Either make that assumption explicit with a 'where T : class' constraint, or compare against default(T) if the intent is to detect an unset value.
Example 1

namespace Namespace {
    class Foo<T1> where T1 : class {
        T1 t;
        bool checkT() {
            return (t == null); // OK - T1 is constrained to a reference type, so it cannot be a value type
        }
    }
    class Bar<T2> {
        T2 t;
        void setT(T2 arg) {
            if (arg != null) // defect - T2 is unconstrained and may be a value type, for which this is always true
                t = arg;
        }
    }
}
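The following is an added example, not part of the checker documentation, that makes the constant result observable and shows the two usual fixes. The class names NaiveHolder, RefHolder and AnyHolder and the sample inputs are assumptions made for the demonstration.

```csharp
using System;
using System.Collections.Generic;

// Added example (not from the checker documentation). Demonstrates why the
// flagged comparison is dead code for value types and two ways to fix it.
namespace NullCompareDemo
{
    // Unconstrained T: the compiler accepts 'arg != null', but for any value-type
    // substitution the comparison is constant, so the guard can never reject an input.
    class NaiveHolder<T>
    {
        T value;
        public T Value => value;
        public bool TrySet(T arg)
        {
            if (arg != null)   // constant 'true' when T is a value type (the CS.CMP.VAL.NULL case)
            {
                value = arg;
                return true;
            }
            return false;
        }
    }

    // Fix 1: state the assumption. If null-ness is what matters, require a reference type,
    // which makes the comparison meaningful and lets the compiler reject value-type uses.
    class RefHolder<T> where T : class
    {
        T value;
        public T Value => value;
        public bool TrySet(T arg)
        {
            if (arg == null) return false;   // reachable: T is always a reference type here
            value = arg;
            return true;
        }
    }

    // Fix 2: keep T unconstrained but test against default(T), which is null for
    // reference types and the zero value for value types.
    class AnyHolder<T>
    {
        T value;
        public T Value => value;
        public bool TrySet(T arg)
        {
            if (EqualityComparer<T>.Default.Equals(arg, default(T))) return false;
            value = arg;
            return true;
        }
    }

    static class Program
    {
        static void Main()
        {
            // Constructed inputs for the demonstration.
            var naiveInt = new NaiveHolder<int>();
            Console.WriteLine("NaiveHolder<int>.TrySet(0): " + naiveInt.TrySet(0));   // the '!= null' guard cannot reject a value type

            var anyInt = new AnyHolder<int>();
            Console.WriteLine("AnyHolder<int>.TrySet(0): " + anyInt.TrySet(0));       // default(int) is treated as unset
            Console.WriteLine("AnyHolder<int>.TrySet(42): " + anyInt.TrySet(42));

            var anyStr = new AnyHolder<string>();
            Console.WriteLine("AnyHolder<string>.TrySet(null): " + anyStr.TrySet(null)); // default(string) is null
            Console.WriteLine("AnyHolder<string>.TrySet(\"x\"): " + anyStr.TrySet("x"));

            var refStr = new RefHolder<string>();
            Console.WriteLine("RefHolder<string>.TrySet(null): " + refStr.TrySet(null));
        }
    }
}
```

Fix 1 is the one to prefer when the code really does rely on null: the constraint documents the requirement and turns a misuse with a value type into a compile error. Fix 2 is only appropriate when "unset" and default(T) genuinely mean the same thing; for value types such as int, zero is usually a legitimate value, and a Nullable<T> parameter expresses optionality more honestly than a default(T) check.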
External guidance
Security training
Application security training materials provided by Secure Code Warrior.