• CodeQL query help documentation »
• CodeQL query help for Java and Kotlin »

Dereferenced expression may be null

ID: java/dereferenced-expr-may-be-null
Kind: problem
Security severity: 
Severity: warning
Precision: high
Tags:
   - reliability
   - correctness
   - exceptions
   - external/cwe/cwe-476
Query suites:
   - java-security-and-quality.qls

Click to see the query in the CodeQL repository

Dereferencing a null value leads to a NullPointerException.

An expression may be implicitly dereferenced if its type is a boxed primitive type, and it occurs in a context in which implicit unboxing occurs.

Recommendation

Ensure that the expression does not have a null value when it is dereferenced. Use boxed types as appropriate to hold values that are potentially null.

Example

In the following example implicit unboxing can cause a NullPointerException if helper is null.

public int getID() {
    return helper == null ? null : helper.getID();
}

If the method is intended to return null, the return type should be changed to Integer.

References

• The Java Tutorials: Autoboxing and Unboxing.

• Common Weakness Enumeration: CWE-476.

• © GitHub, Inc.
• Terms
• Privacy