Page History

...

public int do_operation(int a,int b)
{
  int temp = a - b;
  // Could result in overflow
  // Perform other processing
  return temp;
}

Compliant

...

Solution (Use

...

Long)

The appropriate remediation is to check the range explicitly before the subtraction.

...

int a,b,result
//do stuff
result = a*b;//May result in overflow

Compliant

...

Solution

Since the size of the type long (64 bits) is twice the size of the type int (32 bits), the multiplication should be performed in terms of long. If the product is in the valid integer range, it can be safely downcast to an int.

...

int a,b,result
result = a/b;

Compliant

...

Solution

if(a == Integer.MIN_VALUE && b == -1)
throw ArithmeticException;//May be Integer.MIN_VALUE again
else
result = a/b;//safe operation

...

int temp = -result;

Compliant

...

Solution

if(a == Integer.MIN_VALUE)
  throw ArithmeticException;
else
  result = -a;

...

The shift operation in Java is quite different from C\C++,

• The right shift is an arithmetic shift, while in C\C++ it is implementation defined (logical or arithmetic).

• In C\C++ if the value being left shifted is negative or the right-hand operator of the shift operation is negative or greater than or equal to the width of the promoted left operand, we have undefined behavior. This does not extend to Java as integer types are masked by the last 5 lower order bits of the right operand (or 0x1F). This results in a value modulo 31, inclusive.

• Wiki Markup
  When the value to be shifted (left-operand) is a {{long}}, only the last 6 bits of the right-hand operand are used to perform the shift. The shift distance is the value of the right-hand operand masked by 63 (0x3D)\[[JLS 03|AA. Java References#JLS 03]\], i.e., it is always between 0 and 63. (If the shift value is greater than 64, then the shift is {{value % 64}})

Risk Assessment

Noncompliant Code Example

In this example, the programmer wishes to shift the integer {{i}} until, after 32 iterations, the value becomes 0. Unfortunately, this loop never terminates as an attempt to shift an integer value by 32 bits results in the integer itself rather than the value 0. \[[Bloch 05|AA. Java References#Bloch 05]\] 

int i = 0;
while ((-1 << i) != 0)
  i++;

Compliant Solution

This compliant solution shows how instead of repeatedly shifting the value -1 with a different shift distance, one can save the result of the previous shift and continue shifting bit by bit on each successive iteration.

for (int val = -1; val != 0; val <<= 1);

Risk Assessment

Failure to perform explicit range checking can lead to integer overflows causing unexpected program control flow Failure to perform explicit range checking can lead to integer overflows causing unexpected program control flow or unanticipated program behavior.

...

\[[SCG 07|AA. Java References#SCG 07]\] Introduction
\[[JLS 03|AA. Java References#JLS 03]\] 4.2.2 Integer Operations and 15.22 Bitwise and Logical Operators
\[[Tutorials 08|AA. Java References#Tutorials 08]\] Primitive Data Types
\[[Seacord 05|AA. Java References#Seacord 05]\] Chapter 5. Integers
\[[Bloch 05|AA. Java References#Bloch 05]\] Puzzle 27: Shifty i's

...

INT33-J. Be careful while casting numeric types to wider floating-point types      04. Integers (INT)      05. Floating Point (FLP)