Edit

Share via

Warning C28182

  • Article

Dereferencing NULL pointer.

Additional information: <pointer1> contains the same NULL value as <pointer2> did. <note>

The code analysis tool reports this warning when it confirms that the pointer can be NULL. If there are unconfirmed instances where the error might occur earlier in the trace, the code analysis tool adds the line number of the first instance to the warning message so that you can change the code to address all instances.

<pointer2> is confirmed to be potentially NULL. <pointer1> contains the same value as pointer2 and is being dereferenced. Because these pointers may be at different places in the code, both are reported so that you can determine why the code analysis tool is reporting this warning.

If an unconfirmed earlier instance of the condition exists, then <note> is replaced by this text: "See line <number> for an earlier location where this can occur."

Examples

The following example shows code that could cause the code analysis tool to generate this warning message. In this example, the code analysis tool determines that pNodeFree is NULL in the if statement, and the code path into the body of the if is taken. However, because nBlockSize is potentially zero, the body of the for statement isn't executed and pNodeFree is left unmodified. pNodeFree is then assigned to pNode, and pNode is used while a NULL dereference could occur.

typedef struct xlist {
    struct xlist *pNext;
    struct xlist *pPrev;
} list;

list *pNodeFree;
list *masterList;
int nBlockSize;

void fun()
{
    if (pNodeFree == 0)
    {
        list *pNode = masterList;

        for (int i = nBlockSize-1; i >= 0; i--, pNode--)
        {
            pNode->pNext = pNodeFree;
            pNodeFree = pNode;
        }
    }

    list* pNode = pNodeFree;
    pNode->pPrev = 0;
}

The code analysis tool reports the following warning:

:\sample\testfile.cpp(24) : warning C28182: Dereferencing NULL pointer. 'pNode' contains the same NULL value as 'pNodeFree' did.: Lines: 12, 14, 16, 23, 24

One way to correct the earlier example is to check pNode for zero before dereferencing it so that a NULL dereference is averted. The following code shows this correction.

typedef struct xlist {
    struct xlist *pNext;
    struct xlist *pPrev;
} list;

list *pNodeFree;
list *masterList;
int nBlockSize;

void fun()
{
    if (pNodeFree == 0)
    {
        list *pNode = masterList;

        for (int i = nBlockSize-1; i >= 0; i--, pNode--)
        {
            pNode->pNext = pNodeFree;
            pNodeFree = pNode;
        }
    }

    list* pNode = pNodeFree;
    if(pNode != 0)
      pNode->pPrev = 0;
}