RS.NPD.CHECK.CALL.MIGHT

Previously checked null pointer may be dereferenced through a function call

An attempt to access data using a null pointer causes a runtime error. When a program dereferences a pointer that is expected to be valid but turns out to be null, a null pointer dereference occurs. Null-pointer dereference defects often occur due to ineffective error handling or race conditions, and typically cause abnormal program termination. Before a pointer is dereferenced in Rust code, it must be checked to confirm that it is not equal to null.

The RS.NPD checkers look for instances in which a null or possibly null pointer is dereferenced.

The RS.NPD.CHECK.CALL.MIGHT checker flags situations in which a pointer that's been checked for a null value might subsequently be passed to a function that might dereference it without checking it for null.

Vulnerability and risk

Null-pointer dereferences usually result in the failure of the process. These issues typically occur due to ineffective exception handling.

Mitigation and prevention

To avoid this vulnerability:

• Check for a null value in the results of all functions that return values
• Make sure all external inputs are validated
• Explicitly initialize variables
• Make sure that unusual exceptions are handled correctly

Related checkers

• RS.NPD.CHECK.CALL.MUST
• RS.NPD.CHECK.MIGHT
• RS.NPD.CHECK.MUST
• RS.NPD.CONST.CALL
• RS.NPD.CONST.DEREF
• RS.NPD.FUNC.CALL.MIGHT
• RS.NPD.FUNC.CALL.MUST
• RS.NPD.FUNC.MIGHT
• RS.NPD.FUNC.MUST
• RS.NPD.GEN.CALL.MIGHT
• RS.NPD.GEN.CALL.MUST
• RS.NPD.GEN.MIGHT
• RS.NPD.GEN.MUST

External guidance

• CWE-476: NULL Pointer Dereference

Security training

Application security training materials provided by Secure Code Warrior.

• Null Dereference Training Video - Test your skills with a training example