The Java Language Specification allows 64-bit long and double values to be treated as two 32-bit values. For example, a 64-bit write operation may could be performed as two separate, 32-bit operations.
...
| Code Block | ||
|---|---|---|
| ||
class LongContainer {
private long i = 0;
void assignValue(long j) {
i = j;
}
void printLong() {
System.out.println("i = " + i);
}
}
|
A similar problem may can occur if i is declared double.
...
VNA05-EX1: If all reads and writes of 64-bit long and double values occur within a synchronized region, the atomicity of the read/write is guaranteed. This requires that no unsynchronized methods in the class expose the value and that the value is inaccessible (directly or indirectly) from other code. (For more information, see guidline guideline VNA02-J. Ensure that compound operations on shared variables are atomic.)
...
Any vulnerabilities resulting from the violation of this guideline are listed on the CERT website.
Related Guidelines
MITRE CWE: CWE-667 "Insufficient Locking"
Bibliography
| Wiki Markup |
|---|
\[[JLS 2005|AA. Bibliography#JLS 05]\] 17.7 Non-Atomic Treatment of double and long
\[[Goetz 2006|AA. Bibliography#Goetz 06]\] 3.1.2. Non-Atomic 64-Bit Operations
\[[Goetz 2004c|AA. Bibliography#Goetz 04c]\]
\[[MITRE 2009|AA. Bibliography#MITRE 09]\] [CWE ID 667|http://cwe.mitre.org/data/definitions/667.html] "Insufficient Locking" |
Issue Tracking
| Tasklist | ||||
|---|---|---|---|---|
| ||||
||Completed||Priority||Locked||CreatedDate||CompletedDate||Assignee||Name||
|F|M|F|1269650712386| |dmohindr|Section 17.7 "Non-Atomic Treatment of {{double}} and {{long}}" ... Non-Atomic is Non-atomic in JLS 05, should we retain the lower-case for "atomic" as given in the reference?|
|
...