CWE-395 – Use of NullPointerException Catch to Detect NULL Pointer Dereference

Read Time:22 Second

Description

Catching NullPointerException should not be used as an alternative to programmatic checks to prevent dereferencing a null pointer.

Modes of Introduction:

– Implementation

 

 

Related Weaknesses

CWE-705
CWE-755

 

Consequences

Availability: DoS: Resource Consumption (CPU)

 

Potential Mitigations

Phase: Architecture and Design, Implementation

Description: 

Do not extensively rely on catching exceptions (especially for validating user input) to handle errors. Handling exceptions can decrease the performance of an application.

CVE References