A NullPointerException is thrown in case of an attempt to dereference a null value. The dereference may be a function call, a read or write of a field, or an array access. NPE.CONST is reported for an attempt to dereference a variable that was initialized with a null constant.

Example 1

     static String searchForMaxString(final String text) {
         if (text == null) return null;
         int max = 0;
         StringTokenizer tok = new StringTokenizer(text, ":");
         String found = null;
         while (tok.hasMoreTokens()) {
             String x = tok.nextToken();
             if (x.length() >= max) {
                 max = x.length();
                 found = x;
         int len = found.length();
         System.err.println(len + " -> " + found);
         return found;

NPE.CONST is reported for line 27 since the null value was assigned to variable 'found' on line 19.

Security training

Application security training materials provided by Secure Code Warrior.


This checker can be extended through the Klocwork knowledge base. See Tuning Java analysis for more information.