Null Pointer Dereference issue not detected when t

Published 2019-06-28 07:42

Question:

I use SonarQube (5.1 with Cppcheck 1.70) to analyse C code. In the following example, there is a Null Pointer Dereference issue that should be detected by SonarQube and/or Cppcheck (used by Sonar). But no issue is found by SonarQube, nor reported by Cppcheck.

#include <stddef.h>   /* NULL */

struct s1
{
    char c1;
    char c2;
};

/* Always returns NULL: the callee never produces a valid object. */
struct s1 * toto1(void)
{
    return NULL;
}

void toto2(void)
{
    struct s1* my_st=NULL;
    my_st = toto1();
    my_st->c1 = 1;   /* NULL pointer dereference: my_st is always NULL here */
    my_st->c2 = 0;
    return;
}

Is there any restriction on this rule (Null pointers should not be dereferenced) in such situation?
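A hardened form of the question's toto2(), added here as an example (it is not code from the original post, from SonarQube or from Cppcheck): the caller checks the pointer it receives before using it and reports the failure instead of dereferencing, so correctness no longer depends on an analyzer knowing what the callee returns. The names toto1_valid, toto2_checked and g_storage are assumed for this example.

```c
#include <stdbool.h>
#include <stddef.h>

struct s1 {
    char c1;
    char c2;
};

/* Same contract as the question's toto1(): a producer that may return
   NULL (this one always does). */
struct s1 *toto1(void)
{
    return NULL;
}

/* Constructed counterpart that hands out valid storage, so both paths of
   the checked caller can be exercised. */
static struct s1 g_storage;
struct s1 *toto1_valid(void)
{
    return &g_storage;
}

/* Hardened form of toto2(): whatever producer is used, the returned
   pointer is checked locally before any field is written. A NULL result
   is reported to the caller rather than dereferenced. */
bool toto2_checked(struct s1 *(*producer)(void))
{
    struct s1 *my_st = producer();
    if (my_st == NULL) {
        return false; /* caller decides how to handle the missing object */
    }
    my_st->c1 = 1;
    my_st->c2 = 0;
    return true;
}
```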

Answer 1:

I am a Cppcheck developer.

I was surprised that Cppcheck does not detect that.

I have created this ticket upstream: http://trac.cppcheck.net/ticket/7132

Thank you! Let me know if you discover more false negatives.


Answer 2:

SonarQube does static code analysis. This is a runtime failure.

To see why this is a problem for static analysis, see the following modification:

#include <stddef.h>   /* NULL */

void MightHalt(void); /* hypothetical: may or may not ever return */

struct s1 * toto1(void)
{
    MightHalt(); /* good luck with your static analysis */
    return NULL;
}


Answer 3:

A NULL pointer is not a pointer that points to the memory location 0 or something else. It is simply a pointer that points to nothing. It's just a special pointer that doesn't point to anything valid.

According to C, a NULL pointer should not be dereferenced, although it does not say what should happen if it is dereferenced.