REDUN.NULL
REDUN.NULL is reported when a variable that always has a null value is used in an expression.
Vulnerability and risk
A programmer may have forgotten to initialize the variable with its actual value, or the variable is redundant.
Mitigation and prevention
Use a null constant or initialize the variable properly.
Example 1
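    import java.util.Collection;

    String search(Collection<String> strings, String prefix) {
        String res = null;
        for (final String string : strings) {
            if (string.startsWith(prefix)) {
                return string;
            }
        }
        // 'res' is never assigned after its declaration, so it is always null here
        return res;
    }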
REDUN.NULL is reported for the snippet on line 17, the 'return res;' statement: variable 'res' is always null here.
External guidance
Security training
Application security training materials provided by Secure Code Warrior.