In Java, byte arrays are often used to transmit raw binary data as well as character encoded data. Attempts to read raw binary data as if it were character encoded data often fail, because some of the bytes fall outside the default or specified encoding scheme and hence fail to denote valid characters. For example, converting a cryptographic key containing non-representable bytes to character encoded data for transmission may result in an error.
Also see guidelines FIO02-J. Keep track of bytes read and account for character encoding while reading data and IDS17-J. Specify the character encoding while performing file or network IO.
Noncompliant Code Example
This noncompliant example attempts to convert the byte array representing a BigInteger
into a String
. Because some of the bytes do not denote valid characters, the resulting String
representation loses information. Converting the String
back to a BigInteger
produces a different value.
BigInteger x = new BigInteger ("530500452766"); byte [] byteArray = x.toByteArray(); // convert to byte array String s = new String(byteArray); // s prints as "{âJ?ž" - // the fourth character is invalid // convert s back to a BigInteger byteArray = s.getBytes(); // convert to bytes x = new BigInteger(byteArray); // now x = 530500435870
Compliant Solution
This compliant solution first produces a String
representation of the BigInteger
, then converts the String
to a byte array. This process is reversed on input. Because the textual representation in the String
was generated by the BigInteger
class, it contains valid characters.
BigInteger x = new BigInteger ("530500452766"); String s = x.toString(); // valid character data byte [] byteArray = s.getBytes("UTF8"); String ns = new String(byteArray, "UTF8"); // ns prints as "530500452766" BigInteger x1 = new BigInteger(ns); // construct the original BigInteger
Do not try to convert the String
object to a byte array to obtain the original BigInteger
. Character encoded data may yield a byte array which when converted to a BigInteger
, results in a completely different value.
Risk Assessment
Attempting to read a byte array containing raw character data as if it were character data may produce erroneous results.
Guideline |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
---|---|---|---|---|---|
FIO11-J |
low |
unlikely |
medium |
P2 |
L3 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this guideline on the CERT website.
Bibliography
[[API 2006]] class String
FIO10-J. Do not let Runtime.exec() fail or block indefinitely 12. Input Output (FIO)