An object reference value that is positively checked for null will be dereferenced either explicitly, or through a call to a function that can dereference it, without checking for null.

Vulnerability and risk

Dereferencing a null object reference is a critical runtime problem that will crash the application on some operating systems and throw a runtime exception on others.

Example 1

1                  public class A {
2                      public void foo() {
3                          A a = new A();
4                          if (a == null)
5                              a.foo();
6                      }
7                  }

Klocwork produces an issue report (CS.NRE.CHECK.MUST) at line 5 for variable 'a'. Variable 'a' is compared with null value at line 4, and therefore can be expected to be null when it is dereferenced at line 5.

Security training

Application security training materials provided by Secure Code Warrior.