Java does not support the use of unsigned types, except for the 16 bit char datatype. Sometimes, it is necessary to interoperate with native languages such as C /or C++ that use unsigned types extensively. The standard practice to deal with unsigned types input is to read their values into Java's larger signed primitives. For example, a signed long is can be used to hold an unsigned integer obtained from native code.
Noncompliant Code Example
This example incorrectly uses a generic method for reading in integer data irrespective of the signedness. It assumes that the value is always signed and thus treats the most significant bit (MSB) as the sign bit causing misinterpretations about the actual sign and magnitude of the integer.
...
This compliant solution assumes that the unsigned integer has 32 bits. It reads in an unsigned integer value into a long variable using the readInt() method. If the read integer is unsigned, the most significant bit may be turned on. Consequently, all the higher order bits of the resulting long will be set due to are set because of sign extension, and these have to must be masked off as demonstrated. The mask size must vary depending on the size of the unsigned integer.
| Code Block | ||
|---|---|---|
| ||
public static long getInteger2(DataInputStream is) throws IOException {
return is.readInt() & 0xFFFFFFFFL;
}
|
...
Treating an unsigned type as signed can result in misinterpretations and can lead to erroneous calculationslost or misinterpreted data.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
SEC01-J | low | unlikely | medium | P2 | L3 |
...