SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 195

changes.mady.by.user Shannon Haas

Saved on

compared with

New Version 196

changes.mady.by.user Shannon Haas

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Failure to perform appropriate range checking can lead to integer overflows, which can cause unexpected program control flow or unanticipated program behavior.

Guideline Rule

Severity

Likelihood

Remediation Cost

Priority

Level

NUM00-J

medium

unlikely

medium

P4

L3

...

The CERT C Secure Coding Standard

INT32-C. Ensure that operations on signed integers do not result in overflow

The CERT C++ Secure Coding Standard

INT32-CPP. Ensure that operations on signed integers do not result in overflow

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="84dcfa1fee19f9a8-f6512b80-43634389-8711af91-c48cf2b8747b8d9042ba093a"><ac:plain-text-body><![CDATA[

[ISO/IEC TR 24772:2010

http://www.aitcnet.org/isai/]

"Wrap-around Error [XYY]"

]]></ac:plain-text-body></ac:structured-macro>

MITRE CWE

CWE-682, "Incorrect Calculation"

 

CWE-190, "Integer Overflow or Wraparound"

 

CWE-191, "Integer Underflow (Wrap or Wraparound)"

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="8834af63341b2e7f-259718d5-4b734713-9c2fa0c1-8ffba75f4f2bea1df958fdb6"><ac:plain-text-body><![CDATA[

[[API 2006

AA. Bibliography#API 06]]

class [AtomicInteger

http://download.oracle.com/javase/6/docs/api/java/util/concurrent/atomic/AtomicInteger.html]

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="d38e10b20d545c61-c0545e55-4e5b47ef-a3d19416-ed9968722c59b0412e12a7cf"><ac:plain-text-body><![CDATA[

[[Bloch 2005

AA. Bibliography#Bloch 05]]

Puzzle 27: Shifty i's

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="0e51335672a491ea-7340278f-45db4ae8-ac4f927c-6fe6794b234a9c25189758b1"><ac:plain-text-body><![CDATA[

[[JLS 2005

AA. Bibliography#JLS 05]]

[§4.2.2, "Integer Operations"

http://java.sun.com/docs/books/jls/third_edition/html/typesValues.html#4.2.2]

]]></ac:plain-text-body></ac:structured-macro>

 

§15.22, "Bitwise and Logical Operators"

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="d77a7c7773407da0-6140dac1-4efd4b78-84a18bd4-45512102bd1a9818bd02ef9c"><ac:plain-text-body><![CDATA[

[[Seacord 2005

AA. Bibliography#Seacord 05]]

Chapter 5. Integers

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="8c499659a28e5747-4cabfbe8-44b44b75-b0e39003-8e5dac3625d67aee0668b77b"><ac:plain-text-body><![CDATA[

[[Tutorials 2008

AA. Bibliography#Tutorials 08]]

Primitive Data Types

]]></ac:plain-text-body></ac:structured-macro>

...