search

OkraFramework / Okra.Core

Okra App Framework - The Okra App Framework is designed to support the development of .Net Windows Store applications, in particular those following the MVVM pattern.
http://okraframework.github.io
Apache License 2.0
10 stars 6 forks source link

Dereference after null check in PageInfo.StateData (Coverity Scan) #61

Closed Andy-Wilkinson closed 9 years ago

Andy-Wilkinson commented 9 years ago

The Coverity Scan static analysis has identified a "Dereference after null check" in PageInfo.StateData.

"Either the check against null is unnecessary, or there may be a null reference exception. In Okra.​Navigation.​PageInfo/StateData::​GetData(): Reference is checked against null but then dereferenced anyway (CWE-476)"

public T GetData<T>()
{
    1. Condition this.data == null, taking true branch
    2. var_compare_op: Comparing this.data to null implies that this.data might be null.
    3. Condition this.rawData != null, taking false branch

    if (data == null && rawData != null)
    {
        data = SerializationHelper.DeserializeFromArray(rawData, typeof(T));
        dataType = typeof(T);
    }

    CID 96198 (#1 of 1): Dereference after null check (FORWARD_NULL)
    4. unbox_null: Unboxing null object this.data.

    return (T)data;
}
Andy-Wilkinson commented 9 years ago

Updated code to cover possible corner case where a 'null' value is attempted to be cast to a non-nullable type.

Coverity Scan now reports this defect as fixed :smile: