NPD.GEN.CALL.MUSTPossible assigned null pointer may be dereferenced through a function callAn attempt to access data using a null pointer causes a runtime error. When a program dereferences a pointer that is expected to be valid but turns out to be null, a null pointer dereference occurs. Null-pointer dereference defects often occur due to ineffective error handling or race conditions, and typically cause abnormal program termination. Before a pointer is dereferenced in C/C++ code, it must be checked to confirm that it is not equal to null. The NPD checkers look for instances in which a null or possibly null pointer is dereferenced. The NPD.GEN.CALL.MUST checker flags situations in which a null pointer that's been assigned a constant null value locally is subsequently passed to a function that dereferences it without checking it for null. Vulnerability and riskNull-pointer dereferences usually result in the failure of the process. These issues typically occur due to ineffective exception handling. Mitigation and preventionTo avoid this vulnerability:
Vulnerable code example
1 void reassign(int *argument, int *p) {
2 if (goodEnough(argument)) return;
3 *argument = *p;
4 }
5
6 void npd_gen_call_must(int *argument) {
7 int *p = NULL;
8 reassign(argument, p);
9 }
Klocwork reports a defect in this example because *p, which is assigned a null constant value, is passed to function reassign, in which it's dereferenced. This type of vulnerability can produce unexpected and unintended results. Fixed code example
1 void reassign(int *argument, int *p) {
2 if (goodEnough(argument)) return;
3 *argument = *p;
4 }
5
6 void npd_gen_call_must(int *argument) {
7 int *p = NULL;
8 if (p != 0) reassign(argument, p);
9 }
In the fixed code, *p is checked for null in line 8 before the dereference. Related checkersExtensionThis checker can be extended through the Klocwork knowledge base. See Tuning C/C++ analysis for more information. |