# NULL Pointer Dereference (CWE-476)

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL.

**Stack:** Go

- Prevalence: मध्यम 2 भाषाएँ कवर की गईं
- Impact: मध्यम समीक्षा अनुशंसित
- Prevention: प्रलेखित 2 फिक्स उदाहरण

**OWASP:** Insecure Design (A04:2021-Insecure Design) - #4

## Description

NULL pointer dereferences typically cause the application to crash. In some cases, they may be exploitable for denial of service or potentially for code execution.

## Prevention

### Go

Use the two-value form of type assertion or type switch to handle failures gracefully

## Consequences

- DoS: क्रैश / निकास / पुनः आरंभ

## Mitigations

- dereference करने से पहले पॉइंटरों की जाँच करें
- ऐसे भाषा फ़ीचर्स का उपयोग करें जो null pointer समस्याओं को रोकते हैं
- null रिटर्न के लिए उचित त्रुटि प्रबंधन लागू करें

## Detection

- Total rules: 2
- Languages: go, typescript

## Rules by Language

### Go (1 rules)

- **Unsafe Type Assertion Without Ok Check** [MEDIUM]: Type assertion without two-value form can panic at runtime.
  - Remediation: Use the two-value form of type assertion to handle failures gracefully.

```go
result, ok := data.(map[string]interface{})
if !ok {
    return errors.New("invalid data type")
}
```

Learn more: https://shoulder.dev/learn/go/cwe-476/unsafe-type-assertion