Checkers:RNPD.CALL
From current
Reference > C/C++ checkers > RNPD.CALL
This warning is reported in situations where a pointer is dereferenced by an argument being passed to a function. The pointer has then been compared with NULL. There are no pointer changes on the trace between dereferencing and checking; so, it is very likely that at dereferencing, the pointer is NULL, or the NULL check is improper.
Vulnerability and risk
Identifies one of three things:
- A pointer that can be NULL by design was dereferenced without a proper check; this will lead to a runtime error
- A condition is written incorrectly; the code will not work as intended
- There is a redundant check; unnecessary code will be generated
Example 1
1 void deref(int *p){ 2 *p = *p + 10; 3 } 4 5 void rnpd_2(int *t){ 6 7 deref(t); 8 if (!t) return; 9 *t ++; 10 }
This example dereferences 't' twice. First time it is done without any verification through call to function deref(). Second dereference is guarded with check, it is unnecessary check, because if 't' is NULL application will crash after first dereference.