RS.NPD.FUNC.MUST
Possible null pointer is dereferenced
An attempt to access data using a null pointer causes a runtime error. When a program dereferences a pointer that is expected to be valid but turns out to be null, a null pointer dereference occurs. Null-pointer dereference defects often occur due to ineffective error handling or race conditions, and typically cause abnormal program termination. Before a pointer is dereferenced in Rust code, it must be checked to confirm that it is not equal to null.
The RS.NPD checkers look for instances in which a null or possibly null pointer is dereferenced.
The RS.NPD.FUNC.MUST checker flags situations in which a pointer value from a function call that might return null is subsequently dereferenced explicitly or passed to a function that dereferences it without checking it for null.
Vulnerability and risk
Null-pointer dereferences usually result in the failure of the process. These issues typically occur due to ineffective exception handling.
Mitigation and prevention
To avoid this vulnerability:
- Check for a null value in the results of all functions that return values
- Make sure all external inputs are validated
- Explicitly initialize variables
- Make sure that unusual exceptions are handled correctly
Vulnerable code example (intraprocedural)
use std::ptr;

fn main() {
    let x: *const i32 = ptr::null();
    unsafe {
        let _value = *x; // RS.NPD.FUNC.MUST
    }
}
Vulnerable code example (interprocedural)
use std::ptr;

unsafe fn deref(a: i32, ptr: *const i32) -> i32 {
    *ptr
}

fn main() {
    let x: *const i32 = ptr::null();
    unsafe {
        deref(5, x); // RS.NPD.FUNC.MUST
    }
}
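The two vulnerable examples above with the null check applied, as an added example that is not part of the original checker documentation. The names `find`, `read_checked`, `read_as_ref` and `deref_checked` are hypothetical, and the sample data is constructed.

```rust
use std::ptr::{self, NonNull};

// Hypothetical lookup (constructed for this example): like ptr::null() in the
// examples above, it may hand back a null pointer.
fn find(values: &[i32], wanted: i32) -> *const i32 {
    values
        .iter()
        .find(|v| **v == wanted)
        .map_or(ptr::null(), |v| v as *const i32)
}

// Intraprocedural fix: test the pointer before the dereference.
fn read_checked(p: *const i32) -> Option<i32> {
    if p.is_null() {
        return None;
    }
    // SAFETY: p is non-null; the caller guarantees it points to a live i32.
    Some(unsafe { *p })
}

// The same check through as_ref(), which maps a null pointer to None.
fn read_as_ref(p: *const i32) -> Option<i32> {
    // SAFETY: when non-null, p points to a live, aligned i32.
    unsafe { p.as_ref() }.copied()
}

// Interprocedural fix: the callee takes NonNull, so the null check has to
// happen at the call boundary before the pointer can be passed in.
unsafe fn deref(_a: i32, p: NonNull<i32>) -> i32 {
    unsafe { *p.as_ptr() }
}

fn deref_checked(a: i32, p: *const i32) -> Option<i32> {
    let p = NonNull::new(p as *mut i32)?; // returns None when p is null
    // SAFETY: p is non-null and points to a live i32 that is only read.
    Some(unsafe { deref(a, p) })
}

fn main() {
    let data = [1, 2, 3]; // constructed sample input
    let hit = find(&data, 2);
    let miss = find(&data, 9); // null: 9 is not in the slice
    println!("{:?} {:?}", read_checked(hit), read_checked(miss));
    println!("{:?} {:?}", read_as_ref(hit), deref_checked(5, miss));
}
```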