In this section:

Overview

This error is generated when a function call is made via a NULL function pointer.

Code Description Enabled Reported Platform FUNC_NULL Function pointer is NULL Runtime Windows/Unix

Problem

The following code attempts to call a function through a pointer that has never been explicitly initialized. Since the pointer is a global variable, it is initialized to zero by default, resulting in the attempt to call a NULL pointer.

/*
 * File: funcnull.c
 */
void (*a)();

main()
{
	a();
	return (0);
}

Diagnosis at Runtime

[funcnull.c:8] **FUNC_NULL**
>>		 a();
Function pointer is null: a

---- Associated Common Weakness Enumerations ----
CWE-476: Null pointer dereference

Stack trace where the error occurred:
		main() funcnull.c, 8
**Memory corrupted. Program may crash!!**

• Line 2: Source line at which the problem was detected.
• Line 3: Description of the problem and the expression that is in error.
• Line 5-6: CWE associated with this problem.
• Line 8: Stack trace showing the function call sequence leading to the error.
• Line 10: Informational message indicating that a serious error has occurred which may cause the program to crash.

Repair

The most common way to generate this problem is the one shown here, in which the pointer never was explicitly initialized and is set to zero. This case normally requires the addition of an assignment statement prior to the call as in the following code:

/*
* File: funcnull.c (modified)
*/
void (*a)();
extern void myfunc();

main()
{
	a = myfunc;
	a();
	return;
}

A second fairly common programming practice is to terminate arrays of function pointers with NULL entries. Code that scans a list looking for a particular function may end up calling the NULL pointer if its search criterion fails. This normally indicates that protective programming logic should be added to prevent against this case.

References

The table below shows Common Weakness Enumerations associated with this error.