CS.NRE.CONST.CALL
A constant null object reference (the literal null) is passed as an argument to a function that may dereference that parameter without first checking it for null.
Vulnerability and risk
Dereferencing a null object reference is a critical runtime defect. In C# it throws a System.NullReferenceException; if nothing catches the exception, the application terminates. Because the checker sees the literal null at the call site, the fault is not input-dependent: it is reachable whenever the callee executes the path that dereferences the parameter.
Example 1
class Param {
    public int par1() {
        return 0;
    }
}

class NPD3 {
    public void foo() {
        foo2(null);            // constant null passed as argument 1
    }

    public void foo2(Param param) {
        if (flag)              // guards on 'flag', not on 'param'
            return;
        param.par1();          // dereferences 'param', which is null when called from foo()
    }

    private bool flag;
}
Klocwork produces an issue report (CS.NRE.CONST.CALL) at the call foo2(null) in foo(): Constant null-pointer value is passed as argument 1 to function 'foo2', which may dereference it. The early return in foo2 tests only flag, so it is not a null guard: whenever flag is false, param.par1() executes on the null argument and throws a NullReferenceException.
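The following is an added example and is not part of the Klocwork documentation. It keeps the Example 1 classes as the defective form and places a hardened callee (foo2Safe) and caller (fooSafe) beside them; the Program.Main, the method names foo2Safe and fooSafe, and the use of ArgumentNullException.ThrowIfNull (which requires .NET 6 or later) are assumptions of this example, chosen so the file compiles and runs stand-alone.

```csharp
// Added example, not from the Klocwork page. Shows the CS.NRE.CONST.CALL
// pattern from Example 1 next to a version that rejects null at the call
// boundary. Assumes .NET 6+ for ArgumentNullException.ThrowIfNull.
#nullable enable
using System;

class Param
{
    public int par1() => 0;
}

class NPD3
{
    private bool flag;   // never set, so it stays false (the dereferencing path)

    // Defective form from Example 1. The early return checks 'flag', not
    // 'param', so the constant null reaches param.par1() whenever flag is false.
    public void foo()
    {
        foo2(null!);     // '!' suppresses the nullable warning; kept to show the defect
    }

    public void foo2(Param param)
    {
        if (flag)
            return;
        param.par1();    // throws System.NullReferenceException when param is null
    }

    // Hardened callee: fail at the boundary with an ArgumentNullException that
    // names the parameter, instead of a NullReferenceException deep in the method.
    public void foo2Safe(Param param)
    {
        ArgumentNullException.ThrowIfNull(param);   // .NET 6+
        if (flag)
            return;
        param.par1();
    }

    // Hardened caller: passes a real object. With nullable reference types
    // enabled, writing foo2Safe(null) here is compiler warning CS8625.
    public void fooSafe()
    {
        foo2Safe(new Param());
    }
}

static class Program
{
    static void Main()
    {
        var obj = new NPD3();

        obj.fooSafe();   // completes normally

        try
        {
            obj.foo();   // reproduces the defect the checker reports
        }
        catch (NullReferenceException e)
        {
            Console.WriteLine("foo(): " + e.GetType().Name);
        }

        try
        {
            obj.foo2Safe(null!);
        }
        catch (ArgumentNullException e)
        {
            Console.WriteLine("foo2Safe(null): rejected parameter '" + e.ParamName + "'");
        }
    }
}
```

On frameworks older than .NET 6, replace the ThrowIfNull call with `if (param is null) throw new ArgumentNullException(nameof(param));`. The two fixes are complementary: the guard in foo2Safe catches nulls that arrive at run time from any caller, while `#nullable enable` makes a constant null at a call site a compile-time warning, which is the case this checker targets.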
External guidance
Security training
Application security training materials provided by Secure Code Warrior.