Versions Compared

Comment: REM cost reform

...

According to the Java API for the read(byte[] b, int off, int len) method:

An attempt is made to read as many as len bytes, but a smaller number may be read, possibly zero. 

Both read methods return as soon as they find available input data. As a result, these methods can stop reading data before the array is filled because the available data may be insufficient to fill the array.
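The short-read behavior described above, as an added example that is not part of the original page or the Java API documentation. The `Trickle` stream, the `readOnce`/`readAll` method names and the sample data are hypothetical and constructed for illustration; `Trickle` stands in for a socket or pipe that delivers only part of the requested data per call.

```java
import java.io.ByteArrayInputStream;
import java.io.EOFException;
import java.io.FilterInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;

public class ReadFully {
    // Constructed stream: returns at most 3 bytes per call, the way a socket
    // or pipe may when only part of the requested data has arrived.
    static final class Trickle extends FilterInputStream {
        Trickle(InputStream in) { super(in); }
        @Override
        public int read(byte[] b, int off, int len) throws IOException {
            return super.read(b, off, Math.min(len, 3));
        }
    }

    // Single call with the return value ignored: the tail of buf may stay zeroed.
    static byte[] readOnce(InputStream in, int size) throws IOException {
        byte[] buf = new byte[size];
        in.read(buf, 0, size);
        return buf;
    }

    // Loop until the array is full; -1 before that means the input was truncated.
    static byte[] readAll(InputStream in, int size) throws IOException {
        byte[] buf = new byte[size];
        int off = 0;
        while (off < size) {
            int n = in.read(buf, off, size - off);
            if (n == -1) {
                throw new EOFException("expected " + size + " bytes, got " + off);
            }
            off += n;
        }
        return buf;
    }

    public static void main(String[] args) throws IOException {
        byte[] data = "0123456789".getBytes(StandardCharsets.US_ASCII); // constructed sample
        // trim() drops the unfilled NUL bytes so the short read is visible.
        System.out.println("readOnce: " + new String(readOnce(new Trickle(new ByteArrayInputStream(data)), 10), StandardCharsets.US_ASCII).trim());
        System.out.println("readAll:  " + new String(readAll(new Trickle(new ByteArrayInputStream(data)), 10), StandardCharsets.US_ASCII));
        try {
            readAll(new Trickle(new ByteArrayInputStream(data)), 16); // asks for more than exists
        } catch (EOFException e) {
            System.out.println("truncated: " + e.getMessage());
        }
    }
}
```

`DataInputStream.readFully()` performs the same loop and throws `EOFException` when the stream ends before the array is filled.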

...

Incorrect use of the read() method can result in the wrong number of bytes being read or character sequences being interpreted incorrectly.

| Rule | Severity | Likelihood | Remediation Cost | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|---|
| FIO10-J | Low | Unlikely | Medium | No | No | P2 P1 | L3 |

Automated Detection

| Tool | Version | Checker | Description |
|---|---|---|---|
| Parasoft Jtest | | CERT.FIO10.NASSIGIO | Ensure the return values of specified file I/O methods are used |
| SonarQube | | S2674 | |



Related Guidelines

MITRE CWE

CWE-135, Incorrect Calculation of Multi-byte String Length

Bibliography

[API 2006] Class InputStream; Class DataInputStream

[Chess 2007] Section 8.1, "Handling Errors with Return Codes"

[Harold 1999] Chapter 7, "Data Streams, Reading Byte Arrays"

[Phillips 2005]

...



...