![]() ![]() ![]() This assumption is later contradicted when the programmer checks ptr against NULL. ![]() That assumption is made explicit when the programmer dereferences the pointer. Most null-pointer issues result in general software reliability problems, but if an attacker can intentionally trigger a null-pointer dereference, the attacker may be able to use the resulting exception to bypass security logic in order to mount a denial of service attack, or to cause the application to reveal debugging information that will be valuable in planning subsequent attacks.Įxample 1: In the following code, the programmer assumes that the variable ptr is not NULL. This error is often the result of a programmer initializing a variable to null when it is declared. A dereference-after-store error occurs when a program explicitly sets a pointer to null and dereferences it later. Errors of this type are often the result of a typo or programmer oversight. Dereference-after-check errors occur when a program makes an explicit check for null, but proceeds to dereference the pointer when it is known to be null. A check-after-dereference error occurs when a program dereferences a pointer that can be null before checking if the pointer is null. There are at least three flavors of this problem: check-after-dereference, dereference-after-check, and dereference-after-store. Null-pointer exceptions usually occur when one or more of the programmer's assumptions is violated. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |