SonarQube - Null Pointer Dereference Issue

simonsirak · June 14, 2018, 1:18pm

Hi!

I was fixing some issues gathered by SonarQube when I stumbled upon the following issue:

“SonarQube violation: Possible null pointer dereference in ___ due to return value of called method”

This error was found in the following code: ... else if (foo.list().length > 0) { ... }

I attempted to resolve this by rewriting as: ... else if (null != foo.list() && foo.list().length > 0) { ... }

foo is an instance of the File class in Java, and is directly instantiated through new File(...)

The only potential null is the return value of list(). That is why I explicitly check for this in my attempted solution.

My question is; is my solution incorrect? If not, this might be a bug.

I’m currently using SonarQube version 5.6.6.

Best Regards,
Simon Sirak

saberduck · June 14, 2018, 1:25pm

Hello,

better way to handle this is to store the result of method invocation in a variable. There is no guarantee that subsequent invocations are returning the same value, that’s why issue is raised.

simonsirak · June 14, 2018, 2:06pm

Yes, that worked! Thank you so much!!

NicoB · June 14, 2018, 2:20pm

Hi there,

Quick note on this:

This likely means that you’re on an ancient version of the Java analyzer. There’d be huge value in jumping onto the latest version of the ecosystem (notably SonarQube), and benefit from all latest analyzers (e.g. the Java one). (in the meantime, in case of any other false-positive suspicion, make sure to check those latest versions as bunch of improvements are regularly released)

system · April 8, 2021, 9:37am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.