Page History

...

See the related guideline FIO02-J. Keep track of bytes read and account for character encoding while reading data for more information.

Noncompliant Code Example

This noncompliant code example reads a byte array and converts it into a String using the platform's default character encoding. When the default encoding differs from the encoding that was used to produce the byte array, the resulting String is likely to be incorrect. Undefined behavior can occur when some of the input lacks a valid character representation in the default encoding.

FileInputStream fis = new FileInputStream("SomeFile");
DataInputStream dis = new DataInputStream(fis);
int bytesRead = 0;
byte[] data = new byte[1024];

bytesRead = dis.readFully(data);

if (bytesRead > 0) {
  String result = new String(data);
}

Compliant Solution

This compliant solution explicitly specifies the intended character encoding by passing it as the second argument to the String constructor (e.g. the string encoding in this example).

String encoding = "SomeEncoding" // for example, "UTF-16LE"

FileInputStream fis = new FileInputStream("SomeFile");
DataInputStream dis = new DataInputStream(fis);
int bytesRead = 0;
byte[] data = new byte[1024];

bytesRead = dis.readFully(data);

if (bytesRead > 0) {
   String result = new String(data, encoding);
}

Exceptions

FIO03-EX1: An explicit character encoding may be omitted on the receiving side when the data was created by another Java application that both uses the same platform and also uses the default character encoding.

Risk Assessment

Failure to specify the character encoding while performing file or network IO can corrupt the data.

Automated Detection

Sound automated detection of this vulnerability is not feasible.

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this guideline on the CERT website.

Bibliography

\[[Encodings 2006|AA. Bibliography#Encodings 06]\]

...