A DESCRIPTION OF THE REQUEST :
Operations on integer values are performed in modulo arithmetic, and
as a result do not throw exceptions when the result cannot be represented.
To detect results that cannot be represented, the programmer has to add
lengthy and complex code, which seldom is done.
This makes Java applications weak when facing security attacks.
Security vulnerabilities are more and more filed regarding integer overflows.
This is becoming thus a big weak spots in applications.
JUSTIFICATION :
An enhancement is necessary to close a hole in security.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
There is a need for integer operations that can throw an exception when
the result cannot be represented. This can be provided in several ways:
with a new primitive type, or with new operations, or with some compilation
option.
ACTUAL -
Integer operations do not throw exceptions whe they cannot represent the
result, and do not allow to easily check overflow either.
Operations on integer values are performed in modulo arithmetic, and
as a result do not throw exceptions when the result cannot be represented.
To detect results that cannot be represented, the programmer has to add
lengthy and complex code, which seldom is done.
This makes Java applications weak when facing security attacks.
Security vulnerabilities are more and more filed regarding integer overflows.
This is becoming thus a big weak spots in applications.
JUSTIFICATION :
An enhancement is necessary to close a hole in security.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
There is a need for integer operations that can throw an exception when
the result cannot be represented. This can be provided in several ways:
with a new primitive type, or with new operations, or with some compilation
option.
ACTUAL -
Integer operations do not throw exceptions whe they cannot represent the
result, and do not allow to easily check overflow either.
- relates to
-
JDK-8279986 methods Math::asXExact for safely checked primitive casts
-
- In Progress
-
-
JDK-8075806 divideExact is missing in java.lang.Math
-
- Resolved
-
-
JDK-8154433 Add Math.toLongExact(double) and Math.toDoubleExact(long)
-
- Closed
-