Explanation and fix for Possible null pointer dereference of

Question

Code review tool is complaining Possible null pointer dereference of safeScanWarnings in saveSafeScan(...) At the line if (safeScanWarnings != Null & safeScanWarnings.size() > 0)

I am wondering how is this possible? Is this because we are returning the collection by reference?

protected void saveSafeScan(final Response response, final Dtec dtec) throws dtecException
    {
        Collection<String> safeScanWarnings = dtec.getSafeScanWarnings();
        if (safeScanWarnings!=null && safeScanWarnings.size()>0)
        {
            Iterator<String> iterator = safeScanWarnings.iterator();

            int i = 0;
            while (iterator.hasNext())
            {
                String safeScanCode = iterator.next();
                if (i == 0)
                {
                    response.setSafeScanCode(safeScanCode);
                    response.setSafeScanCodeText(getMessage(String.format("DTECRESPONSE_SAFESCANCODE_%s",
                            StringUtils.trimToEmpty(safeScanCode))));
                }
                SafeScanWarning safeScan = new SafeScanWarning();
                safeScan.setCode(safeScanCode);
                safeScan.setMessage(String.format("DTECRESPONSE_SAFESCANCODE_%s", StringUtils.trimToEmpty(safeScanCode)));
                safeScan.setPriority(i);
                response.getSafeScanWarnings().add(safeScan);
                i++;
            }
        }
    }

While in your example the code is correct in your error the if has a `&` and no `&&`. So make sure that in the real code it's the shortcircuit evaluation. If that's already the case it's a bug in the tool. — Voo, Jul 27 '11 at 21:14
notice your comment above the code sample is `if (safeScanWarnings != null & safeScanWarnings.size() > 0)` which is wrong (buggy) — MeBigFatGuy, Sep 10 '11 at 22:17

score 11 · Accepted Answer · answered Jul 27 '11 at 19:57

If it's really pointing to that line, it looks like a bug in the code review tool to me.

As it's a local variable, there's no chance that it'll be changed by anything else between the nullity check and the size() call - so there's no way it'll throw a NullPointerException.

score 0 · Answer 2 · answered Oct 22 '13 at 15:52

0

Attribute "dtec" should be securised:

    if (null!=dtec && null!=safeScanWarnings && safeScanWarnings.size()>0)
    {
      Collection<String> safeScanWarnings = dtec.getSafeScanWarnings();

answered Oct 22 '13 at 15:52

Amin

1

score 0 · Answer 3 · edited Oct 29 '12 at 01:16

0

There is a branch of statement that, if executed, guarantees that a null value will be dereferenced, which would generate a NullPointerException when the code is executed. Of course, the problem might be that the branch or statement is infeasible and that the NullPointerException cannot ever be thrown. Deciding that is beyond the ability of FindBugs.

edited Oct 29 '12 at 01:16

wattostudios

8,666
13
43
57

answered Mar 21 '12 at 04:10

AKANKSHA

17
1

Explanation and fix for Possible null pointer dereference of

3 Answers3