SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 34

changes.mady.by.user Pennie Walters

Saved on

compared with

New Version 35

changes.mady.by.user Pennie Walters

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Because of the complicated nature of the rules used to determine the result type of a conditional expression and the possibility of unintended type casting, it is recommended that the second and third operands of the conditional expression should always have the same type. This also applies to boxed primitives.

Noncompliant Code Example

This noncompliant code example prints the value of alpha as A, which is of the char type. The third operand '0', is a constant expression of type int whose value can be represented as a char and hence does not cause any numeric promotion. However, this behavior depends on the value of the constant integer expression. Changing the value of the constant integer expression may lead to different behavior, as will be demonstrated in the second noncompliant code example.

Code Block
bgColor#FFCCCC
public class Expr {
  public static void main(String[] args) {
    char alpha = 'A';
    System.out.print(true  ? alpha  : 0);
  }
}

Compliant Solution

This compliant solution recommends the use of the same types for the second and third operands of the conditional expressions. The clearer semantics help avoid confusion.

Code Block
bgColor#ccccff
public class Expr {
  public static void main(String[] args) {
    char alpha = 'A';
    // Cast 0 as a char to explicitly state that the type of the 
    // conditional expression should be char.
    System.out.print(true  ? alpha  : ((char) 0));
  }
}

Noncompliant Code Example

This noncompliant example prints 65 instead of the expected A. 65 is the ASCII equivalent of A. This happens because of the numeric promotion of the second operand alpha to an int. The numeric promotion occurs because the third operand (the constant expression '12345') is of type int and consequently, inappropriate for being represented as a char.

Code Block
bgColor#FFCCCC
public class Expr {
  public static void main(String[] args) {
    char alpha = 'A';
    System.out.print(true  ? alpha  : 12345);
  }
}

Compliant Solution

The compliant solution casts alpha to int for explicitly stating the result type (int) of the conditional expression. While casting 12345 to type char ensures that both operands in the conditional expression have the same type (and result in A being printed), it results in data loss when an integer larger than Character.MAX_VAUE is downsized to a char. This compliant solution casts alpha to int, the wider of the operand types, to avoid this issue.

Code Block
bgColor#ccccff
public class Expr {
  public static void main(String[] args) {
    char alpha = 'A';
    // Cast alpha as an int to explicitly state that the type of the 
    // conditional expression should be int.
    System.out.print(true  ? ((int) alpha)  : 12345);
  }
}

Noncompliant Code Example

This noncompliant code example prints 65 instead of A. This is because of numeric promotion of the second operand alpha to an int, which happens because the third operand, variable i, is an int.

Code Block
bgColor#FFCCCC
public class Expr {
  public static void main(String[] args) {
    char alpha = 'A';
    int i = 0;
    System.out.print(true ? alpha : i);
  }
}

Compliant Solution

This compliant solution declares i as a char, ensuring that the second and third operands of the conditional expression have the same type.

Code Block
bgColor#ccccff
public class Expr {
  public static void main(String[] args) {
    char alpha = 'A';
    char i = 0; //declare as char
    System.out.print(true ? alpha : i);
  }
}

Noncompliant Code Example

Wiki Markup
This noncompliant code example uses boxed and unboxed primitives of different types in the conditional expression. Consequently, the {{Integer}} object is auto-unboxed to its primitive type {{int}} and coerced to the primitive {{float}}. This results in loss of precision. \[[Findbugs 08|AA. Java References#Findbugs 08]\] (sic)

Code Block
bgColor#FFCCCC
public class Expr {
  public static void main(String[] args) {
    Integer i = Integer.MAX_VALUE;
    float f = 0;       
    System.out.print(true ? i : f);
  }
}

Compliant Solution

This compliant solution declares both the operands as Integer.

Code Block
bgColor#ccccff
public class Expr {
  public static void main(String[] args) {
    Integer i = Integer.MAX_VALUE;
    Integer f = 0; //declare as Integer
    System.out.print(true ? i : f);
  }
}

Risk Assessment

If the types of the second and third operands in a conditional expression are not the same then the result of the conditional expression may be unexpected.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

EXP00- J

low

unlikely

medium

P2

L3

Automated Detection

TODO

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

Wiki Markup
\[[JLS 05|AA. Java References#JLS 05]\] [Section 15.25, Conditional Operator ? :|http://java.sun.com/docs/books/jls/third_edition/html/expressions.html#15.25]
\[[Bloch 05|AA. Java References#Bloch 05]\] Puzzle 8: Dos Equis
\[[Findbugs 08|AA. Java References#Findbugs 08]\] "Bx: Primitive value is unboxed and coerced for ternary operator"

...