FIO12-J. Provide methods to read and write little-endian data

In Java, data is stored in big-endian format (also called network order). That is, all data is represented sequentially starting from the most significant bit to the least significant. JDK versions prior to JDK 1.4 required definition of custom methods that manage reversing byte order to maintain compatibility with little-endian systems. Correct handling of byte order related issues is critical when exchanging data in a networked environment that includes both big-endian and little-endian machines, or when working with other languages via JNI. Failure to handle byte ordering issues can cause unexpected program behavior.

Noncompliant Code Example

The read methods (readByte, readShort, readInt, readLong, readFloat and readDouble) and the corresponding write methods defined by class java.io.DataInputStream operate only on big-endian data. Use of these methods while interoperating with traditional languages, such as C or C++, is insecure because such languages lack any guarantees about endianness. This noncompliant code example shows such a discrepancy.

DataInputStream dis = new DataInputStream(
  new FileInputStream("data"));  // Little-endian data might be read as big-endian
int serialNumber = dis.readInt();

Compliant Solution (Use ByteBuffer)

This compliant solution uses methods provided by class ByteBuffer (see [[API 2006]] ByteBuffer) to correctly extract an int from the original input value. It wraps the input byte array with a ByteBuffer, sets the byte order to little-endian, and extracts the int. The result is stored in the integer serialNumber.

	 
DataInputStream dis = new DataInputStream( new FileInputStream("data"));
byte[] buffer = new byte[4];
int bytesRead = dis.read(buffer);  // Bytes are read into buffer
if (bytesRead != 4) {
    throw new IOException("Unexpected End of Stream");
}
int serialNumber = ByteBuffer.wrap(buffer).order(ByteOrder.LITTLE_ENDIAN).getInt();

Class ByteBuffer provides analogous get and put methods for the other numeric types.

Compliant Solution (Define Special-Purpose Methods)

An alternative compliant solution is to define read and write methods that support the necessary byte-swapping while reading from or writing to the file. In this example, the readLittleEndianInteger() method reads four bytes into a byte buffer and then pieces together the integer in the correct order. The writeLittleEndianInteger() method obtains bytes by repeatedly casting the integer so that the least significant byte is extracted on successive right shifts. Long values can be handled by defining a byte buffer of size eight.

	 
// read method
public static int readLittleEndianInteger(InputStream ips) throws IOException {
  byte[] buffer = new byte[4];
  int check = ips.read(buffer);

  if (check != 4) {
    throw new IOException("Unexpected End of Stream");
  }
 
  int result = (buffer[3] << 24) | (buffer[2] << 16) | (buffer[1] << 8) | buffer[0];
  return result;
}

// write method
public static void writeLittleEndianInteger(int i, OutputStream ops) throws IOException {
  byte[] buffer = new byte[4];
  buffer[0] = (byte) i;
  buffer[1] = (byte) (i >> 8);
  buffer[2] = (byte) (i >> 16);
  buffer[3] = (byte) (i >> 24);
  ops.write(buffer);
}

Compliant Solution (Use reverseBytes())

When programming for JDK 1.5+, use the reverseBytes() method defined in the classes Character, Short, Integer, and Long to reverse the order of the integral value's bytes. Note that classes Float and Double lack such a method.

	 
public static int reverse(int i){
  return Integer.reverseBytes(i);
}

Risk Assessment

Reading and writing data without considering endianness can lead to serious misinterpretations of both the magnitude and sign of the data.

Automated Detection

Automated detection is infeasible in the general case.

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

Bibliography

FIO11-J. Do not attempt to read raw binary data as character data      12. Input Output (FIO)