SEC-NULL-assignment
Synopsis
A pointer is assigned the value NULL, then dereferenced.
Enabled by default
Yes
Severity/Certainty
High/High

Full description
A pointer is assigned the value NULL, then dereferenced. The assignment might be intentional to indicate that the pointer is no longer used, but it is an error to subsequently dereference it, and it might cause an application crash. The pointer should be checked for NULL before it is dereferenced. If the dereference is unintentional, you might want to either assign a value to the pointer or remove the dereference.
Coding standards
- CERT EXP34-C
Do not dereference null pointers
- CWE 476
NULL Pointer Dereference
Code examples
The following code example fails the check and will give a warning:
#include <stdlib.h>

int main(void) {
    int *p;
    p = NULL;
    return *p; // dereference after assignment to NULL
}
The following code example passes the check and will not give a warning about this issue:
#include <stdlib.h>

int main(void) {
    int *p;
    p = NULL;
    p = (int *)1; // p is reassigned, so it is no longer NULL at the dereference
    return *p;
}
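The full description recommends checking the pointer for NULL before it is dereferenced. The following is an added example, not part of the original check documentation, showing that pattern where NULL is assigned intentionally to mark a pointer as no longer used; `struct session` and the `session_*` functions are hypothetical names constructed for illustration.

```c
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical type for this example: counter == NULL means "released". */
struct session {
    int *counter;
};

/* Allocate and initialise the counter; returns -1 if allocation fails. */
static int session_init(struct session *s, int value)
{
    s->counter = malloc(sizeof *s->counter);
    if (s->counter == NULL)
        return -1;
    *s->counter = value;
    return 0;
}

/* Release the counter and assign NULL to mark the pointer as unused. */
static void session_release(struct session *s)
{
    free(s->counter);
    s->counter = NULL;
}

/* Guarded read: stores the value in *out and returns 0 on success,
 * or returns -1 without dereferencing when any pointer is NULL. */
static int session_read(const struct session *s, int *out)
{
    if (s == NULL || s->counter == NULL || out == NULL)
        return -1;
    *out = *s->counter;
    return 0;
}

int main(void)
{
    struct session s;
    int v = 0;
    if (session_init(&s, 42) != 0)
        return 1;
    if (session_read(&s, &v) != 0 || v != 42)
        return 1;
    session_release(&s);
    /* The pointer is now NULL: the guard reports an error instead of crashing. */
    return session_read(&s, &v) == -1 ? 0 : 1;
}
```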