A Null Pointer Dereference Primer
Most of my technical primers are…well, technical. This one won’t be, because the problem here is confusion rather than complexity.
I’ve been in software security for over a decade, and nearly every tester or developer I’ve asked about this topic thinks Null Pointer Dereference Vulnerabilities mean one of two things:
Someone tried to delete (dereference) a pointer while it pointed to NULL, or…
Failure to clean up (dereference) NULL pointers.
In both cases, the mistake comes from thinking that dereference means to delete something, which it does not. In programming parlance, dereferencing a pointer means following it to get the value it points to, i.e., reading it.
In other words, a Null Pointer Dereference Vulnerability just means reading a NULL pointer.
That’s it.
It’s not about deleting references, or leaving references lying around, or cleaning up NULL pointers, or any of that stuff. Computers just hate trying to extract the value for things that don’t exist. And I can’t say I blame them.
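Here is what that looks like in practice, as an added example (not code from the original post). The names, the constructed session table, and the lookup that returns NULL on a miss are all my own; the point is that the bug is a read through a pointer that happens to be NULL, and the fix is simply to check before reading.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

struct session {
    int id;
    const char *user;
};

/* Constructed sample table; a lookup over it can legitimately fail. */
static struct session table[] = {
    {1, "alice"},
    {2, "bob"},
};

/* Returns NULL when no session has the requested id. */
struct session *find_session(int id) {
    for (size_t i = 0; i < sizeof table / sizeof table[0]; i++)
        if (table[i].id == id)
            return &table[i];
    return NULL;
}

/* Bug: the result is dereferenced without a NULL check. For an unknown id,
 * s is NULL and reading s->user is the null pointer dereference; on a typical
 * system that read faults and the process crashes. */
size_t user_name_len_unchecked(int id) {
    struct session *s = find_session(id);
    return strlen(s->user);  /* reads through NULL when id is unknown */
}

/* Fix: check the pointer before reading through it; -1 signals "not found". */
long user_name_len_checked(int id) {
    struct session *s = find_session(id);
    if (s == NULL)
        return -1;
    return (long)strlen(s->user);
}

int main(void) {
    printf("id 1 -> %ld\n", user_name_len_checked(1));  /* 5 */
    printf("id 9 -> %ld\n", user_name_len_checked(9));  /* -1, no crash */
    return 0;
}
```

Calling user_name_len_unchecked(9) is the crash; user_name_len_checked(9) is the same code with the missing check in place.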
Hope this helps someone.
Notes
This is a fantastic explanation of pointers on Stack Overflow.
Thanks to Jason Powell for talking through this, championing the cause, and reminding me that this primer still needed to be written.
—
I spend 5-20 hours a week collecting and curating content for the site. If you're the generous type and can afford fancy coffee whenever you want, please consider becoming a member at just $10/month.
Stay curious,
Daniel