Unchecked Return Value Missing Check against Null

Thank you for visiting OWASP.org. We have migrated our community to a new web platform and regretably the content for this page needed to be programmatically ported from its previous wiki page. There’s still some work to be done.

Description

Ignoring a method’s return value can cause the program to overlook unexpected states and conditions.

Just about every serious attack on a software system begins with the violation of a programmer’s assumptions. After the attack, the programmer’s assumptions seem flimsy and poorly founded, but before an attack many programmers would defend their assumptions well past the end of their lunch break.

Two dubious assumptions that are easy to spot in code are “this function call can never fail” and “it doesn’t matter if this function call fails”. When a programmer ignores the return value from a function, they implicitly state that they are operating under one of these assumptions.

Risk Factors

TBD

Examples

The following code does not check to see if the string returned by getParameter() is null before calling the member function compareTo(), potentially causing a null dereference.

    String itemName = request.getParameter(ITEM_NAME);
    if (itemName.compareTo(IMPORTANT_ITEM)) {
        ...
    }
    ...

The traditional defense of this coding error is:

"I know the requested value will always exist because ... If it does not exist, the program
cannot perform the desired behavior so it doesn't matter whether I handle the error or simply
allow the program to die dereferencing a null value."

But attackers are skilled at finding unexpected paths through programs, particularly when exceptions are involved.

References

TBD

Category:Input Validation Vulnerability Category:Java Category:Code Snippet Category:Implementation Category:Vulnerability Category:OWASP ASDR Project

Watch Star