V3080. Possible null dereference.


The analyzer detected a code fragment that may cause a null-dereference issue.

Consider the following examples, which trigger the V3080 diagnostic message:

if (obj != null || obj.Func()) { ... }
if (obj == null && obj.Func()) { ... }
if (list == null && list[3].Func()) { ... }

All the conditions contain a logical mistake that results in null dereference. This mistake appears as the result of bad code refactoring or a typo.

The following are the fixed versions of the samples above:

if (obj == null || obj.Func()) { .... }
if (obj != null && obj.Func()) { .... }
if (list != null && list[3].Func()) { .... }

These are very simple situations, of course. In real-life code, an object may be tested for null and used in different lines. If you see the V3080 warning, examine the code above the line that triggered it and try to find out why the reference is null.

Here's an example where an object is checked and used in different lines:

if (player == null) {
  ....
  var identity = CreateNewIdentity(player.DisplayName);
  ....
}

The analyzer will warn you about the issue in the line inside the 'if' block. There is either an incorrect condition or some other variable should have been used instead of 'player'.

Sometimes programmers forget that when testing two objects for null, one of them may appear null and the other non-null. It will result in evaluating the entire condition, and null dereference. For example:

if ((text == null && newText == null) || text.Equals(newText)) {
  ....
}

This condition can be rewritten in the following way:

if ((text == null && newText == null) ||
    (text != null && newText != null && text.Equals(newText))) {
  ....
}

Another way to make this mistake is to use the logical AND operator (&) instead of conditional AND (&&). One must remember that, firstly, both parts of the expression are always evaluated when using logical AND, and, secondly, the priority of logical AND is higher than that of conditional AND.

For example:

public static bool HasCookies {
  get {
    var context = HttpContext;
    return context != null
      && context.Request != null & context.Request.Cookies != null
      && context.Response != null && context.Response.Cookies != null;
  }
}

In this code, 'context.Request.Cookies' will be referenced even if 'context.Request' is null.

According to Common Weakness Enumeration, potential errors found by using this diagnostic are classified as CWE-476.

You can look at examples of errors detected by the V3080 diagnostic.


Do you make errors in the code?

Check your code
with PVS-Studio

Static code analysis
for C, C++, and C#

goto PVS-Studio;