Page History

...

According to the Java Language Specification \[[JLS 05|AA. Java References#JLS 05]\], section 4.2.2 ""Integer Operations"":

If an integer operator other than a shift operator has at least one operand of type long, then the operation is carried out using 64-bit precision, and the result of the numerical operator is of type long. If the other operand is not long, it is first widened (§5§5.1.5) to type long by numeric promotion (§5§5.6). Otherwise, the operation is carried out using 32-bit precision, and the result of the numerical operator is of type int. If either operand is not an int, it is first widened to type int by numeric promotion.

The Java Language Specification \[[JLS 05|AA. Java References#JLS 05]\] section 5.6 ""Numeric Promotions"" describes numeric promotion as: 

...

int a = some_value;
char b = some_character;

if((a + b) >> 1.1f) {
  //do something
}

Here, b is first converted to int so that the + operator can be applied to operands of the same type. The result of (a+b) is then converted to a float, and the comparison operator is finally applied.

...

int result = 0;
for(int i = 0; i <&lt; 4; i++) 
  result = ((result <<&lt;&lt; 8) | b[i]);

Compliant Solution

...

int result = 0;
for(int i = 0; i <&lt; 4; i++) 
  result = ((result <<&lt;&lt; 8) | (b[i] &amp; 0xff));

Risk Assessment

Failing to consider integer promotions when dealing with floating point and integer operands can result in loss of precision.

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

\[[JLS 05|AA. Java References#JLS 05]\] 4.2.2 ""Integer Operations"" and 5.6 ""Numeric Promotions"" 
\[[Findbugs 08|AA. Java References#Findbugs 08]\] ""BIT: Bitwise OR of signed byte value""

...

EXP07-J. Do not diminish the benefits of constants by assuming their values in expressions            04. Expressions (EXP)            EXP09-J. Use parentheses for precedence of operation