V1004. The pointer was used unsafely after it was verified against nullptr.


The analyzer has detected a possible null-pointer-dereferencing error. The pointer is checked for null before the first use but is then used for the second time without such a check.

Consider the following example:

if (p != nullptr)
{
  *p = 42;
}
....
*p += 33;

If the 'p' pointer turns out to be null, executing the '*p += 33' expression will result in null-pointer dereferencing. To avoid it, the pointer must be additionally tested against null:

if (p != nullptr)
{
  *p = 42;
}
....
if (p != nullptr)
{
  *p += 33;
}

If the 'p' pointer is always non-null, the check is not needed:

*p = 42;
....
*p += 33;

The analyzer may issue a false warning in the following case:

if (p == nullptr)
{
  MyExit();
}
....
*p += 42;

The reason is that the analyzer cannot determine if the 'MyExit' function returns control or not. To provide such information to it, annotate the function in one of the following ways:

  • C++11 attribute: [[noreturn]] void MyExit();
  • gcc attribute: __attribute__((noreturn)) void MyExit();
  • MSVC attribute: __declspec((noreturn)) void MyExit();

According to Common Weakness Enumeration, potential errors found by using this diagnostic are classified as CWE-119, CWE-476, CWE-628.

You can look at examples of errors detected by the V1004 diagnostic.


Bugs Found

Checked Projects
344
Collected Errors
12 970