NPE.STAT

A NullPointerException is thrown in case of an attempt to dereference a null value. The dereference may be a function call, a read or write of a field, or an array access. NPE.STAT is reported for the result of a method call being dereferenced when the source code of the method is unavailable, but statistics indicate that it can return null. Statistics are gathered for the null checks applied to the values returned by methods.

Example 1

Copy
     public void printAbsoluteParentPath() {
         final File parent = f.getParentFile();
         if (parent != null) {
             String absolutePath = parent.getAbsolutePath();
             System.out.println("absolute path " + absolutePath);
         }
     }
 
     public void printCanonicalParentPath() throws IOException {
         final File parent = f.getParentFile();
         if (parent != null) {
             String canonicalPath = parent.getCanonicalPath();
             System.out.println("canonical path: " + canonicalPath);
         }
     }
 
     public void printParentPath() throws IOException {
         String path = f.getParentFile().getPath();
         System.out.println("path " + path);
     }

NPE.STAT is reported for line 39, since the value returned by 'getParentFile()' is usually checked for null before dereferencing, so there is a possibility of an NPE here.

Security training

Application security training materials provided by Secure Code Warrior.

Extension

This checker can be extended through the Klocwork knowledge base. See Tuning Java analysis for more information.