Null pointer dereference at

CWE is sponsored by the U. CWE Glossary Definition. Weakness ID: Status: Stable. Presentation Filter:. A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. Extended Description.

NULL pointer dereference issues can occur through a number of flaws, including race conditions, and simple programming omissions. This table shows the weaknesses and high level categories that are related to this weakness.

These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as PeerOf and CanAlsoBe are defined to show similar weaknesses that the user may want to explore. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.

A Pillar is different from a Category as a Pillar is still technically a type of weakness that describes a mistake, while a Category represents a common characteristic used to group related things.

One weakness, X, can directly create the conditions that are necessary to cause another weakness, Y, to enter a vulnerable condition. Chains can involve more than two weaknesses, and in some cases, they might have a tree-like structure.

Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.

Modes Of Introduction. The different Modes of Introduction provide information about how and when this weakness may be introduced. The Phase identifies a point in the life cycle at which introduction may occur, while the Note provides a typical scenario related to introduction during the given phase.

Phase Note Implementation. Applicable Platforms. This listing shows possible areas for which the given weakness could appear. These may be for specific named Languages, Operating Systems, Architectures, Paradigms, Technologies, or a class of such platforms.

The platform is listed along with how frequently the given weakness appears for that instance. Languages C Undetermined Prevalence. Java Undetermined Prevalence. C Undetermined Prevalence. A null-pointer dereference takes place when a pointer with a value of NULL is used as though it pointed to a valid memory area.

Null-pointer dereferences, while common, can generally be found and corrected in a simple way. Since NULL pointer dereference errors mostly result in application crash, they are usually scored with availability impact only. A common CVSS score for locally exploitable vulnerability in client application would look like this: 2.

If a high-privileged application, such as driver or critical system service contains a NULL pointer dereference error, it should be scored with complete availability impact, since crash of such application may render system inaccessible: 4. In cases of remote code execution, it is usually scored with medium or high access complexity metric: 9.

Our CVSSv2 scores are based on our long internal experience in software auditing and penetration testing, taking into consideration a lot of practical nuances and details.

NULL pointer dereference issues frequently result from rarely encountered error conditions and are most likely to escape detection during testing. The best way to avoid appearance of this weakness is to follow programming best practices:. Copyright Disclaimer: Any above-mentioned content can be copied and used for non-commercial purposes only if proper credit to ImmuniWeb is given. Viewed k times. Can someone please explain to me in layman's terms exactly what this is and why it is bad?

Improve this question. Ash Ash Keep in mind doing so results in undefined behavior. You might want to put down some example code. It seems that people including me don't get what you are trying to ask. No need for code there isn't any - This is a conceptual problem I am having, trying to get my head around the terminology of "dereferencing" and why I should be caring about it.

Thanks for this question. It's been bothering me for a while, to ask this : — William Martens. Add a comment. Active Oldest Votes. Improve this answer. Greg Hewgill Greg Hewgill k gold badges silver badges bronze badges. Ash: A pointer contains a memory address that references to something. To access that something referenced by that memory address, you have to de-reference the memory address.

Ash, which In silico said, but when you de-reference you getting the value that is stored at the memory address. Give it a try. I think it's important to also state that it's undefined behavior, assuming that Adam Rosenfield's answer is correct. Show 1 more comment.