This week I was reviewing some C# code where the developer had used 'ToString()' throughout on properties without checking for nulls.
The result of this was a log file full of 'System.NullReferenceException: Object reference not set to an instance of an object.'
And it was difficult to trace through where the error had occurred and the logic stopped executing.
So I put together a few simple samples of how to safely check for nulls and work with collections, I can distribute them to the training developers and add hope to add more to this project over time. The code is available here;
Some of the samples are below.
Examples Ways to handle null values
var convertToString = Convert.ToString(classWithNulls.IamNull);
Console.WriteLine("Convert Class returns empty string if null no exception : " + convertToString);
var coalesce = classWithNulls.IamNull ?? "DefaultValueIfNull";
Console.WriteLine("DefaultValue is returned if null : " + coalesce);
// ReSharper disable once MergeConditionalExpression
var conditional = classWithNulls.IamNull != null
Console.WriteLine("DefaultValue is returned if null : " + conditional);
// C# 6 and later null propagation operator where the null value is passed up the chain without an exception
var conditionalCSharp6 = classWithNulls.IamNull?.ToString();
Console.WriteLine("Null is propagated and returned without an Exception" + conditionalCSharp6);
// This can be combined with Coalesce to remove the null and provide a default value
var conditionalCSharp6DefaultValue = classWithNulls.IamNull?.ToString() ?? "DefaultValueIfNull";
Console.WriteLine("Default Value Returned without an Exception" + conditionalCSharp6DefaultValue);
public static class Extension
public static string ToStringOrEmpty(this Object value)
return value == null ? "" : value.ToString();
// A custom extension method attached to object to handle null values, see file ToStringOrEmpty.cs
var extensionMethod = classWithNulls.IamNull.ToStringOrEmpty();
Console.WriteLine("String Empty is returned by as with no exception : " + extensionMethod);
Disable SSL 3.0 in Windows For Server Software
You can disable support for the SSL 3.0 protocol on Windows by following these steps:
- Click Start, click Run, type regedt32 or type regedit, and then click OK.
- In Registry Editor, locate the following registry key:
Note If the complete registry key path does not exist, you can create it by expanding the available keys and using the New -> Key option from the Edit menu.
- On the Edit menu, click Add Value.
- In the Data Type list, click DWORD.
- In the Value Name box, type Enabled, and then click OK.
Note If this value is present, double-click the value to edit its current value.
- In the Edit DWORD (32-bit) Value dialog box, type 0 .
- Click OK. Restart the computer.
Note This workaround will disable SSL 3.0 for all server software installed on a system, including IIS.
On a web forms application on load balanced environment I recently had to investigate some errors for invalid viewstate. It was an intermittent error which only occurred when someone important used the site.
This became high profile quickly and very annoying, it has been a long time since I had to deal with view state thanks to MVC and it was difficult to reproduce. Eventually we found that clearing all caches and browser history allowed the error to be recreated.
The error message was a value cannot be null error;
System.Web.HttpException: Value cannot be null.
Parameter name: inputString [ArgumentNullException: Value cannot be null.Parameter name: inputString]
at System.Web.UI.ObjectStateFormatter.Deserialize(String inputString, Purpose purpose)
at System.Web.UI.Util.DeserializeWithAssert(IStateFormatter2 formatter, String serializedState, Purpose purpose)
[ViewStateException: Invalid viewstate. Client IP: 184.108.40.206 Port: 49531 Referer: https://*********.com/checkout/payment Path: *******.aspx User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko ViewState: ] [HttpException: The state information is invalid for this page and might be corrupted.]
The machinekey was in the web.config for both servers and the load balancing set up correctly. Looking at New Relic there was more viewstate errors which didn''t hit the application so were not logged.
The most likely solution found when googling was to move the machine key to the machine.config file at the server level C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config
The site web.config had the machine key removed and there is a web.config in the same directory as the machine.config , in one server this had the machine key and on another it didn''t. So it was removed from all.
This url has some useful information about the scope of the configuration files
ASP.NET 4.5 introduced cryptographic improvements, when the configuration was set wrong these were picked up and the following error was received.
System.Configuration.ConfigurationErrorsException: When using <machineKey compatibilityMode="Framework45" /> or the MachineKey.Protect and MachineKey.Unprotect APIs, the ''validation'' attribute must be one of these values: SHA1, HMACSHA256, HMACSHA384, HMACSHA512, or alg:[KeyedHashAlgorithm]. (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\web.config line 31)
Explicitly setting the validation key'' validation="SHA1" '' to ensure the correct encryption setting was picked up solved this.
There is more information about the improvements here;
But after all that reconfiguration the error popped up once more in New Relic!
After some more investigation we found that the viewstate had been moved to the bottom of the page for SEO, on the page receiving the error it was possible to submit the page before it had completed loading and then error then occured. Moving the viewstate back to the top seems to have cured it but we are keeping a close eye on New Relic