SEC-NULL-assignment-fun-pos
In this section:
Synopsis
A pointer that might have been assigned the value NULL is dereferenced.
Enabled by default
No
Severity/Certainty
High/Medium
Full description
A pointer that might have been assigned the value NULL, either directly or by a function call that can return NULL, is dereferenced, either directly or by being passed to a function which might dereference it without checking its value. This might cause an application crash. A pointer that might be NULL should be checked before it is dereferenced.
Coding standards
- CERT EXP34-C
Do not dereference null pointers
- CWE 476
NULL Pointer Dereference
Code examples
The following code example fails the check and will give a warning:
#define NULL ((void*) 0)
void * malloc(unsigned long);
int * xmalloc(int size){
int * res = malloc(sizeof(int)*size);
if (res != NULL)
return res;
else
return NULL;
}
void zeroout(int *xp, int i)
{
xp[i] = 0;
}
int foo() {
int * x;
int i;
x = xmalloc(45);
// if (x)
// return -1;
for(i = 0; i < 45; i++)
zeroout(x, i);
}
The following code example passes the check and will not give a warning about this issue:
#define NULL ((void*) 0)
void * malloc(unsigned long);
int * xmalloc(int size){
int * res = malloc(sizeof(int)*size);
if (res != NULL)
return res;
else
return NULL;
}
void zeroout(int *xp, int i)
{
xp[i] = 0;
}
int foo() {
int * x;
int i;
x = xmalloc(45);
if (x == NULL)
return -1;
else {
for(i = 0; i < 45; i++)
zeroout(x, i);
}
}