rspec/rules/S2259/csharp/rule.adoc

A reference to `null` should never be dereferenced/accessed. Doing so will cause a `NullReferenceException` to be thrown. At best, such an exception will cause abrupt program termination. At worst, it could expose debugging information that would be useful to an attacker, or it could allow an attacker to bypass security measures.

== Noncompliant Code Example

[source,csharp]
----
public void Method()
{
    object o = null;
    Console.WriteLine(o.ToString()); // Noncompliant, always null
}
----

== Compliant Solution

[source,csharp]
----
public void Method()
{
    var o = new object();
    Console.WriteLine(o.ToString());
}
----

== Exceptions

Calls to extension methods are not reported because they can still operate on `null` values.

To create a custom null validation method declare an attribute with name `ValidatedNotNullAttribute` and mark the parameter that is validated for null in your method declaration with it:

[source,csharp]
----
using System;

public sealed class ValidatedNotNullAttribute : Attribute { }

public static class Guard
{
    public static void NotNull<T>([ValidatedNotNull] this T value, string name) where T : class
    {
        if (value == null)
            throw new ArgumentNullException(name);
    }
}

public static class Utils
{
    public static string ToUpper(string value)
    {
        Guard.NotNull(value, nameof(value));
        if (value == null)
        {
            return value.ToString(); // Compliant, this code is not reachable
        }
        return value.ToUpper();
    }
}
----

include::../see.adoc[]

ifdef::env-github,rspecator-view[]

'''
== Implementation Specification
(visible only on this page)

include::../message.adoc[]

include::../highlighting.adoc[]

'''
== Comments And Links
(visible only on this page)

include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]
Rule S2259: Add VB.NET, improve C# (#1208) 2022-09-05 08:04:25 +02:00			A reference to `null` should never be dereferenced/accessed. Doing so will cause a `NullReferenceException` to be thrown. At best, such an exception will cause abrupt program termination. At worst, it could expose debugging information that would be useful to an attacker, or it could allow an attacker to bypass security measures.
Add rules 2000-2999 2020-06-30 12:48:07 +02:00
			`== Noncompliant Code Example`

RULEAPI-661: Add syntax coloring 2022-02-04 17:28:24 +01:00			`[source,csharp]`
Add rules 2000-2999 2020-06-30 12:48:07 +02:00			`----`
Rule S2259: Add VB.NET, improve C# (#1208) 2022-09-05 08:04:25 +02:00			`public void Method()`
Add rules 2000-2999 2020-06-30 12:48:07 +02:00			`{`
Rule S2259: Add VB.NET, improve C# (#1208) 2022-09-05 08:04:25 +02:00			`object o = null;`
			`Console.WriteLine(o.ToString()); // Noncompliant, always null`
Add rules 2000-2999 2020-06-30 12:48:07 +02:00			`}`
Rule S2259: Add VB.NET, improve C# (#1208) 2022-09-05 08:04:25 +02:00			`----`

			`== Compliant Solution`

			`[source,csharp]`
			`----`
			`public void Method()`
Add rules 2000-2999 2020-06-30 12:48:07 +02:00			`{`
Rule S2259: Add VB.NET, improve C# (#1208) 2022-09-05 08:04:25 +02:00			`var o = new object();`
			`Console.WriteLine(o.ToString());`
Add rules 2000-2999 2020-06-30 12:48:07 +02:00			`}`
			`----`

			`== Exceptions`

Rule S2259: Add VB.NET, improve C# (#1208) 2022-09-05 08:04:25 +02:00			Calls to extension methods are not reported because they can still operate on `null` values.
Force linebreaks 2021-02-02 15:02:10 +01:00
Rule S2259: Add VB.NET, improve C# (#1208) 2022-09-05 08:04:25 +02:00			To create a custom null validation method declare an attribute with name `ValidatedNotNullAttribute` and mark the parameter that is validated for null in your method declaration with it:
Fix code block ambiguity with old header style Ensure blank line before list and clean the one leading space 2020-06-30 14:49:38 +02:00
Rule S2259: Add VB.NET, improve C# (#1208) 2022-09-05 08:04:25 +02:00			`[source,csharp]`
Add rules 2000-2999 2020-06-30 12:48:07 +02:00			`----`
			`using System;`

			`public sealed class ValidatedNotNullAttribute : Attribute { }`

			`public static class Guard`
			`{`
			`public static void NotNull<T>([ValidatedNotNull] this T value, string name) where T : class`
			`{`
			`if (value == null)`
			`throw new ArgumentNullException(name);`
			`}`
			`}`

			`public static class Utils`
			`{`
			`public static string ToUpper(string value)`
			`{`
			`Guard.NotNull(value, nameof(value));`
			`if (value == null)`
			`{`
			`return value.ToString(); // Compliant, this code is not reachable`
			`}`
			`return value.ToUpper();`
			`}`
			`}`
			`----`

			`include::../see.adoc[]`
Export comments and rspec-to-rspec links from jira 2021-06-02 20:44:38 +02:00
Fix the comment display: rule-id, timestamp, GH visibility, link direction 2021-06-03 09:05:38 +02:00			`ifdef::env-github,rspecator-view[]`
RULEAPI-666: Migrate the "List of parameters", "Highlighting" and "Message" fields from jira RSPEC (#346) 2021-09-20 15:38:42 +02:00
			`'''`
			`== Implementation Specification`
			`(visible only on this page)`

			`include::../message.adoc[]`

			`include::../highlighting.adoc[]`

RULEAPI-576: add a horizontal rule between rule description and comments 2021-06-08 15:52:13 +02:00			`'''`
Export comments and rspec-to-rspec links from jira 2021-06-02 20:44:38 +02:00			`== Comments And Links`
			`(visible only on this page)`

			`include::../comments-and-links.adoc[]`
Fix the comment display: rule-id, timestamp, GH visibility, link direction 2021-06-03 09:05:38 +02:00			`endif::env-github,rspecator-view[]`