...

Note that the read() methods return as soon as they find available input data. Ignoring the result returned by the read() methods is a violation of rule EXP00-J. Do not ignore values returned by methods. Security issues can arise even when return values are considered, because the default behavior of the read() methods lacks any guarantee that the entire buffer array will be filled. The programmer must check the number of bytes actually read and call the read() method again as required.
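The loop described above, as an added example that is not code from the original page: the `ReadFullyDemo` class, its `ChunkedStream` helper and the 16-byte sample message are constructed for illustration. `ChunkedStream` returns at most 4 bytes per call to imitate a source that delivers data in pieces.

```java
import java.io.ByteArrayInputStream;
import java.io.EOFException;
import java.io.FilterInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;

public class ReadFullyDemo {
    // Constructed stream that hands back at most 4 bytes per call,
    // imitating a socket or pipe that delivers data in pieces.
    static final class ChunkedStream extends FilterInputStream {
        ChunkedStream(InputStream in) { super(in); }
        @Override
        public int read(byte[] b, int off, int len) throws IOException {
            return super.read(b, off, Math.min(len, 4));
        }
    }

    // Keeps calling read() until the array is full; a stream that ends
    // early is reported as an error instead of leaving stale bytes.
    static void readFully(InputStream in, byte[] buf) throws IOException {
        int offset = 0;
        while (offset < buf.length) {
            int n = in.read(buf, offset, buf.length - offset);
            if (n == -1) {
                throw new EOFException("ended after " + offset + " of " + buf.length + " bytes");
            }
            offset += n;
        }
    }

    public static void main(String[] args) throws IOException {
        byte[] message = "0123456789ABCDEF".getBytes(StandardCharsets.US_ASCII);
        // Single call: the return value shows only part of the array was filled.
        byte[] once = new byte[16];
        int got = new ChunkedStream(new ByteArrayInputStream(message)).read(once);
        System.out.println("single read() returned " + got + " of " + once.length);
        // Loop: every byte of the array is accounted for.
        byte[] all = new byte[16];
        readFully(new ChunkedStream(new ByteArrayInputStream(message)), all);
        System.out.println("loop filled: " + new String(all, StandardCharsets.US_ASCII));
        // Short stream: the loop fails loudly rather than returning a partial buffer.
        try {
            readFully(new ByteArrayInputStream(message, 0, 10), new byte[16]);
        } catch (EOFException e) {
            System.out.println("short stream: " + e.getMessage());
        }
    }
}
```

The standard library's `java.io.DataInputStream.readFully(byte[])` performs the same loop and also throws `EOFException` when the stream ends before the array is full.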

...

Failure to comply with this rule can result in the wrong number of bytes being read or character sequences being interpreted incorrectly.

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Bibliography

...