Programs must not allow mathematical operations to exceed the integer ranges provided by their primitive integer data types. According to the Java Language Specification (JLS), §4.2.2, "Integer Operations,"
The built-in integer operators do not indicate overflow or underflow in any way. Integer operators can throw a
NullPointerExceptionif unboxing conversion of anullreference is required. Other than that, the only integer operators that can throw an exception are the integer divide operator/and the integer remainder operator%, which throw anArithmeticExceptionif the right-hand operand is zero, and the increment and decrement operators ++ and -- which can throw anOutOfMemoryErrorif boxing conversion is required and there is not sufficient memory available to perform the conversion.
...
BigInteger. Convert the inputs into objects of typeBigIntegerand perform all arithmetic usingBigIntegermethods. TypeBigIntegeris the standard arbitrary-precision integer type provided by the Java standard libraries. The arithmetic operations implemented as methods of this type cannot overflow; instead, they produce the numerically correct result. As a consequenceConsequently, compliant code only performs a single range check just before converting the final result to the original smaller type and throwing anArithmeticExceptionif the final result is outside the range of the original smaller type.
...
This compliant solution uses the safeAdd() and safeMultiply() methods defined in the Pre-condition testing Condition Testing section to perform secure integral operations or throw ArithmeticException on overflow.
...
- The number and order of accesses to
itemsInInventoryremains remain unchanged from the noncompliant code example. - All operations on the value of
itemsInInventoryare performed on a temporary local copy of its value. - The overflow check in this example is performed in inline code , rather than encapsulated in a method call. This is an acceptable alternative implementation. The choice of method call versus inline code should be made according to your organization's standards and needs.
...
INT32-C. Ensure that operations on signed integers do not result in overflow | ||||
INT32-CPP. Ensure that operations on signed integers do not result in overflow | ||||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="94c71919014f58a3-fc3ee8c9-417b420a-b03e8547-97832aaa60ecb574d991429e"><ac:plain-text-body><![CDATA[ | [ISO/IEC TR 24772:2010 | http://www.aitcnet.org/isai/] | "Wrap?around Error [XYY]" | ]]></ac:plain-text-body></ac:structured-macro> |
CWE ID -682, "Incorrect Calculation" | ||||
| CWE ID -190, "Integer Overflow or Wraparound" | |||
| CWE ID -191, "Integer Underflow (Wrap or Wraparound)" |
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="d82d9404ee2e7d3a-31160195-4921488a-9a18807b-90f50bbf3e6e999d74bd1e66"><ac:plain-text-body><![CDATA[ | [[API 2006 | AA. Bibliography#API 06]] | class [ | http://download.oracle.com/javase/6/docs/api/java/util/concurrent/atomic/AtomicInteger.html] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="6193f6d90aa4f397-bd229642-48124dab-894f9574-e22c1ad5b5ea3d1d4c6c9d01"><ac:plain-text-body><![CDATA[ | [[Bloch 2005 | AA. Bibliography#Bloch 05]] | Puzzle 27: Shifty i's | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="01ca38465adcb5a5-10187bd8-491d4cb1-95f3b86d-dd2e1c75548615ef1bd1c860"><ac:plain-text-body><![CDATA[ | [[JLS 2005 | AA. Bibliography#JLS 05]] | [§4.2.2, "Integer Operations" | http://java.sun.com/docs/books/jls/third_edition/html/typesValues.html#4.2.2] | ]]></ac:plain-text-body></ac:structured-macro> |
| |||||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="4c3ae426023b2f31-d38b5357-4a2849c1-92a799c5-cee76bfd37075f5dac762fea"><ac:plain-text-body><![CDATA[ | [[Seacord 2005 | AA. Bibliography#Seacord 05]] | Chapter 5. Integers | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="cf547cb8831a8ae2-9e664609-4cfe480f-94c6bdbc-0204f2121d70560c624a6e1d"><ac:plain-text-body><![CDATA[ | [[Tutorials 2008 | AA. Bibliography#Tutorials 08]] | Primitive Data Types | ]]></ac:plain-text-body></ac:structured-macro> |
...