AttackFlow Findings Dictionary

Finding A Way To Try AttackFlow Enterprise Edition?

If so, click to download 15 days full version for free!

Catching Null Reference Exception

Unnoticed null dereference exceptions may hide serious underlying problems

Severity

Medium

Fix Cost

Low

Trust Level

High

Null reference exceptions seem to be the easiest problems that a developer can handle, however, even the most experienced developers fall into this problem at runtime. Catching null reference exceptions around problematic code blocks may seem a good idea at first.

            
try
{
  ...
}
catch (NullReferenceException nre) {
  return false;
}
                 
            

However, this is not a good idea for more than one reason. First a serious problem may be hidden, and hiding a problem is never a reliable, good solution in development. Second catching the exception incurs performance problems. Third the software flow may be left in an unstable status when the code above returns upon catching the null reference exception.

Null reference exceptions seem to be the easiest problems that a developer can handle, however, even the most experienced developers fall into this problem at runtime. Catching null reference exceptions around problematic code blocks may seem a good idea at first.

            
try
{
...
}
catch (NullPointerException npe) {
  return false;
}
                 
            

However, this is not a good idea for more than one reason. First a serious problem may be hidden, and hiding a problem is never a reliable, good solution in development. Second catching the exception incurs performance problems. Third the software flow may be left in an unstable status when the code above returns upon catching the null reference exception.

Null reference exceptions seem to be the easiest problems that a developer can handle, however, even the most experienced developers fall into this problem at runtime. Catching null reference exceptions around problematic code blocks may seem a good idea at first.

            
try
{
...
}
catch (NullPointerException npe) {
return false;
}
                 
            

However, this is not a good idea for more than one reason. First a serious problem may be hidden, and hiding a problem is never a reliable, good solution in development. Second catching the exception incurs performance problems. Third the software flow may be left in an unstable status when the code above returns upon catching the null reference exception.

Finding A Way To Purchase AttackFlow Enterprise Edition?

If so, click to buy now for yearly subscriptions!