Why am i getting Possible null pointer dereference in findbug?

Question

On the 5th line of below code spotted as a bug by the findbugs:

Possible null pointer dereference in com.xyz.common.CommonUtils.FolderNotEmpty(String) due to return value of called method [Troubling(13), Normal confidence]

public static boolean FolderNotEmpty(String path) {
        boolean flag = false;
        File f = new File(path);
        if (f.isDirectory()) {
            if (f.listFiles().length > 0) {
                flag = true;
                LOGGER.info("Folder - " + path + " is not empty.");
            } else {
                LOGGER.info("Folder - " + path + " is empty.");
            }
        } else {
            LOGGER.warn("The given path is not a directory - " + path);
        }
        return flag;
    }

chrylis -cautiouslyoptimistic- chrylis -cautiouslyoptimistic- · Accepted Answer · 2020-05-05T20:05:18

You have a race condition:

You call f.isDirectory(), which returns true.
I replace the directory at path with some ordinary file.
You call f.listFiles(), which returns null.

To avoid this, say File[] files = f.listFiles(); unconditionally, and then change your if to if (files != null). Better yet, reduce the nesting in your method this way:

public static boolean folderIsNotEmpty(String path) {
    File f = new File(path);
    File[] files = f.listFiles();

    if (files == null) {
        logger.warn("not a directory");
        return false;
    }

    if (files.length > 0) { 
        logger.info("not empty");
        return true;
    } else {
        logger.info("empty");
        return false;
    }
}

(Or, if you don't need the log statements, return (files.length > 0).)

Why am i getting Possible null pointer dereference in findbug?

4 Answers