mirror of
https://github.com/github/codeql.git
synced 2026-01-17 00:14:51 +01:00
33 lines
1.1 KiB
XML
33 lines
1.1 KiB
XML
<!DOCTYPE qhelp PUBLIC
|
|
"-//Semmle//qhelp//EN"
|
|
"qhelp.dtd">
|
|
<qhelp>
|
|
|
|
|
|
<overview>
|
|
<p>
|
|
This query finds pointer dereferences that use a pointer returned from a function which may return NULL. Always
|
|
check your pointers for NULL-ness before dereferencing them. Dereferencing a null pointer and attempting to
|
|
modify its contents can lead to anything from a segmentation fault to corruption of important system data
|
|
(for example, the interrupt table in some architectures).
|
|
</p>
|
|
</overview>
|
|
|
|
<recommendation>
|
|
<p>
|
|
Add a null check before dereferencing the pointer, or modify the function so that it always returns a non-null value.
|
|
</p>
|
|
</recommendation>
|
|
|
|
<example>
|
|
<p>In this example, the function is not protected from dereferencing a null pointer. It should be updated to ensure that
|
|
this cannot happen.
|
|
</p>
|
|
<sample src="MissingNullTest.cpp" />
|
|
</example>
|
|
|
|
<references>
|
|
<li>SEI CERT C Coding Standard: <a href="https://wiki.sei.cmu.edu/confluence/display/c/EXP34-C.+Do+not+dereference+null+pointers">EXP34-C. Do not dereference null pointers</a>.</li>
|
|
</references>
|
|
</qhelp>
|