Variable Address False Positive Null Dereference

microsoft / infersharp

Infer# is an interprocedural and scalable static code analyzer for C#. Via the capabilities of Facebook's Infer, this tool detects null dereferences, resource leaks, and thread-safety violations. It also performs taint flow tracking to detect critical security vulnerabilities like SQL injections.

MIT License

732 stars 29 forks source link

Variable Address False Positive Null Dereference #128

Closed matjin closed 2 years ago

matjin commented 2 years ago

Investigate a false positive having to do with variable addressing:

method(int i, out string c) { this.method2(i, out c); return c != null }

reporting on c being a null dereference.

matjin commented 2 years ago

This got fixed https://github.com/microsoft/infersharp/pull/146