...

Automated detection of narrowing conversions on integral types is straightforward. Determining whether such conversions correctly reflect the intent of the programmer is infeasible in the general case. Heuristic warnings could be useful.
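The following added example (not code from the original page) is written in C, the language of the INT31-C and FLP34-C guidelines listed below. Each function contains a narrowing cast that a detector would flag; only the range check or the mask records that the programmer meant it. The function names are hypothetical.

```c
#include <limits.h>
#include <math.h>
#include <stdio.h>

/* Hypothetical helper names, chosen for this example only. */

/* Checked long -> signed char: refuses values the narrower type cannot hold. */
int narrow_to_schar(long v, signed char *out) {
    if (v < SCHAR_MIN || v > SCHAR_MAX)
        return -1;              /* would lose data: report, do not convert */
    *out = (signed char)v;      /* still a narrowing cast, but provably in range */
    return 0;
}

/* Intentional truncation: the mask states that only the low byte is wanted. */
unsigned char low_byte(unsigned long v) {
    return (unsigned char)(v & 0xFFu);
}

/* Checked double -> int. NaN fails both comparisons, so it is rejected too. */
int narrow_to_int(double d, int *out) {
    if (!(d >= (double)INT_MIN && d <= (double)INT_MAX))
        return -1;
    *out = (int)d;              /* truncates toward zero; result is in range */
    return 0;
}

int main(void) {
    signed char c;
    int i;

    /* Constructed sample values. */
    printf("300 as signed char: %s\n",
           narrow_to_schar(300L, &c) == 0 ? "ok" : "rejected");
    printf("low byte of 0x1234: 0x%02X\n", (unsigned)low_byte(0x1234UL));
    printf("1e10 as int: %s\n",
           narrow_to_int(1e10, &i) == 0 ? "ok" : "rejected");
    printf("NaN as int: %s\n",
           narrow_to_int(NAN, &i) == 0 ? "ok" : "rejected");
    return 0;
}
```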

Related Guidelines

The CERT C Secure Coding Standard

"INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data"

"FLP34-C. Ensure that floating point conversions are within range of the new type"

The CERT C++ Secure Coding Standard

"INT31-CPP. Ensure that integer conversions do not result in lost or misinterpreted data"

"FLP34-CPP. Ensure that floating point conversions are within range of the new type"

ISO/IEC TR 24772:2010 (http://www.aitcnet.org/isai/)

"Numeric Conversion Errors [FLC]"

MITRE CWE

CWE ID 681, "Incorrect Conversion between Numeric Types"

CWE ID 197, "Numeric Truncation Error"

...