From d4bcdd89c721ba95370c1146c9d9925f386d37e3 Mon Sep 17 00:00:00 2001
From: Michael Dawson <midawson@redhat.com>
Date: Tue, 21 Nov 2023 22:31:09 +0000
Subject: [PATCH] module: fix recently introduced coverity warning

Signed-off-by: Michael Dawson <midawson@redhat.com>
PR-URL: https://github.com/nodejs/node/pull/50843
Reviewed-By: James M Snell <jasnell@gmail.com>
---
 src/node_modules.cc | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/node_modules.cc b/src/node_modules.cc
index cfb6090d27ac6f..9217b94852e33b 100644
--- a/src/node_modules.cc
+++ b/src/node_modules.cc
@@ -153,6 +153,10 @@ const BindingData::PackageConfig* BindingData::GetPackageJSON(
       return throw_invalid_package_config();
     }
 
+    // based on coverity using key with == derefs the raw value
+    // avoid derefing if its null
+    if (key.raw() == nullptr) continue;
+
     if (key == "name") {
       // Though there is a key "name" with a corresponding value,
       // the value may not be a string or could be an invalid JSON string