Java does not support unsigned types, except for the 16-bit char data type. Sometimes, it is necessary to interoperate with native languages such as C/C++ that use unsigned types extensively. The standard practice for dealing with unsigned types is to read their values into Java's larger signed primitives. For example, a signed long is used to hold an unsigned integer.
This example incorrectly uses a generic method for reading integer data irrespective of its signedness. It assumes that the value is always signed and therefore treats the most significant bit (MSB) as the sign bit, which misrepresents the actual magnitude of an unsigned integer.
public static int getInteger(DataInputStream is) throws IOException {
  return is.readInt();
}
This compliant solution reads an unsigned integer value into a {{long}} variable. The final value is stored in the lower 4 bytes of the {{long}} variable and the upper 4 bytes are zeroed out by ANDing with the long mask {{0xFFFFFFFFL}}. \[[Harold 97|AA. Java References#Harold 97]\]
public static long readInt(InputStream is) throws IOException {
  byte[] buffer = new byte[4];
  int check = is.read(buffer);
  if (check != 4) throw new IOException("Unexpected End of Stream!");
  // Mask each byte with 0xFF so that sign extension of a byte >= 0x80
  // does not set the bits contributed by the higher-order bytes.
  long result = ((buffer[0] & 0xFF) << 24) | ((buffer[1] & 0xFF) << 16)
              | ((buffer[2] & 0xFF) << 8) | (buffer[3] & 0xFF);
  // The mask must be a long literal: the int literal 0xFFFFFFFF is -1
  // and would leave the sign-extended upper 4 bytes untouched.
  result &= 0xFFFFFFFFL;
  return result;
}
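An added example (not part of the original rule text) that contrasts the signed and unsigned readings of the same four bytes and shows the two masking mistakes that silently break a hand-written conversion. The class name, method names and sample bytes are constructed for illustration; `readFully` is used here so that a short read is not mistaken for end of stream.

```java
import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.IOException;

public class UnsignedReadDemo {  // hypothetical class name, added example

  // Signed reading: the MSB of the 32-bit value is treated as the sign bit.
  static int readSigned(byte[] wire) throws IOException {
    return new DataInputStream(new ByteArrayInputStream(wire)).readInt();
  }

  // Unsigned reading: each byte is masked with 0xFF before shifting, and the
  // assembled int is widened with a long mask so the upper 32 bits are zero.
  static long readUnsigned(byte[] wire) throws IOException {
    byte[] b = new byte[4];
    // readFully either fills the buffer or throws EOFException.
    new DataInputStream(new ByteArrayInputStream(wire)).readFully(b);
    int bits = ((b[0] & 0xFF) << 24) | ((b[1] & 0xFF) << 16)
             | ((b[2] & 0xFF) << 8) | (b[3] & 0xFF);
    return bits & 0xFFFFFFFFL;
  }

  // Mistake 1: bytes are not masked, so a byte >= 0x80 sign-extends and
  // sets every bit above it, hiding the higher-order bytes.
  static long unmaskedBytes(byte[] b) {
    return ((b[0] << 24) | (b[1] << 16) | (b[2] << 8) | b[3]) & 0xFFFFFFFFL;
  }

  // Mistake 2: 0xFFFFFFFF is an int literal equal to -1; widened to long it
  // is all ones, so the AND leaves the sign-extended upper 32 bits in place.
  static long intLiteralMask(byte[] b) {
    long v = ((b[0] & 0xFF) << 24) | ((b[1] & 0xFF) << 16)
           | ((b[2] & 0xFF) << 8) | (b[3] & 0xFF);
    return v & 0xFFFFFFFF;
  }

  public static void main(String[] args) throws IOException {
    // Constructed sample: 3000000000 as a big-endian unsigned 32-bit value.
    byte[] wire = {(byte) 0xB2, (byte) 0xD0, 0x5E, 0x00};
    System.out.println("signed reading:      " + readSigned(wire));
    System.out.println("unsigned reading:    " + readUnsigned(wire));
    System.out.println("unmasked bytes:      " + unmaskedBytes(wire));
    System.out.println("int literal as mask: " + intLiteralMask(wire));
    // Java 8+ library equivalent of the widening step.
    System.out.println("toUnsignedLong:      " + Integer.toUnsignedLong(readSigned(wire)));
  }
}
```

Only `readUnsigned` and `Integer.toUnsignedLong` report the value that was written; the other three lines each show a different wrong magnitude for the same input.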
Treating an unsigned type as signed can result in misinterpretations and can lead to erroneous calculations.
| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| SEC01-J | low | unlikely | low | P3 | L3 |
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
\[[API 06|AA. Java References#API 06]\] Class DataInputStream: method {{readInt}}
\[[Harold 97|AA. Java References#Harold 97]\] Chapter 2: Primitive Data Types, Cross Platform Issues, Unsigned Integers