This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Null-pointer dereference"

From OWASP
Jump to: navigation, search
(Reverting to last version not containing links to www.textlarolbodron.com)
(Replaced content with "#REDIRECT https://www.owasp.org/index.php/Null_Dereference")
Line 1: Line 1:
{{template:CandidateForDeletion}}
+
#REDIRECT https://www.owasp.org/index.php/Null_Dereference
 
 
#REDIRECT [[::Category:Vulnerability]]
 
 
 
 
 
 
 
==Overview==
 
 
 
A null-pointer dereference takes place when a pointer with a value of NULL is used as though it pointed to a valid memory area.
 
 
 
==Consequences ==
 
 
 
* Availability: Null-pointer dereferences invariably result in the failure of the process.
 
 
 
==Exposure period ==
 
 
 
* Requirements specification: The choice could be made to use a language that is not susceptible to these issues.
 
 
 
* Implementation: Proper sanity checks at implementation time can serve to prevent null-pointer dereferences
 
 
 
==Platform ==
 
 
 
* Languages: C, C++, Assembly
 
 
 
* Platforms: All
 
 
 
==Required resources ==
 
 
 
Any
 
 
 
==Severity ==
 
 
 
Medium
 
 
 
==Likelihood  of exploit ==
 
 
 
Medium
 
 
 
==Avoidance and mitigation ==
 
 
 
* Requirements specification: The choice could be made to use a language that is not susceptible to these issues.
 
 
 
* Implementation: If all pointers that could have been modified are sanity-checked previous to use, nearly all null-pointer dereferences can be prevented.
 
 
 
==Discussion ==
 
 
 
Null-pointer dereferences, while common, can generally be found and corrected in a simply way. They will always result in the crash of the process - unless exception handling (on some platforms) in invoked, and even then, little can be done to salvage the process.
 
 
 
==Examples ==
 
 
 
Null-pointer dereference issue can occur through a number of flaws, including race conditions, and simple programming omissions. While there are no complete fixes aside from contentious programming, the following steps will go a long way to ensure that null-pointer dereferences do not occur.
 
 
 
Before using a pointer, ensure that it is not equal to NULL:
 
 
 
<pre>
 
if (pointer1 != NULL) {
 
  /* make use of pointer1 */
 
  /* ... */
 
}
 
</pre>
 
 
 
When freeing pointers, ensure they are not set to NULL, and be sure to set them to NULL once they are freed:
 
 
 
<pre>
 
if (pointer1 != NULL) {
 
  free(pointer1);
 
  pointer1 = NULL;
 
}
 
</pre>
 
 
 
If you are working with a multi-threaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the if statement; and unlock when it has finished.
 
 
 
==Related problems ==
 
 
 
* [[Miscalculated null termination]]
 
 
 
* [[State synchronization error]]
 

Revision as of 18:31, 5 April 2014

  1. REDIRECT https://www.owasp.org/index.php/Null_Dereference