PTR-null-fun-pos
In this section:
Synopsis
A possible NULL pointer is returned from a function, and immediately dereferenced without checking.
Enabled by default
Yes
Severity/Certainty
High/Medium
Full description
A pointer that might be NULL is returned from a function, and immediately dereferenced without checking.
Coding standards
- CERT EXP34-C
Do not dereference null pointers
- CWE 476
NULL Pointer Dereference
Code examples
The following code example fails the check and will give a warning:
#include <string.h>
char *getenv(const char *name)
{
return strcmp(name, "HOME")==0 ? "/" : NULL;
}
int ex(void)
{
return *getenv("USER"); //getenv() might return NULL
}
The following code example passes the check and will not give a warning about this issue:
#include <stdlib.h>
int main(void)
{
int *p = malloc(sizeof(int));
if (p != 0) {
*p = 4;
}
return (int)p;
}