Result of multiplication cast to wider type¶
ID: java/integer-multiplication-cast-to-long Kind: problem Severity: warning Precision: very-high Tags: - reliability - correctness - types - external/cwe/cwe-190 - external/cwe/cwe-192 - external/cwe/cwe-197 - external/cwe/cwe-681 Query suites: - java-security-and-quality.qls
An integer multiplication that is assigned to a variable of type
long or returned from a method with return type
long may cause unexpected arithmetic overflow.
Casting to type
long before multiplying reduces the risk of arithmetic overflow.
In the following example, the multiplication expression assigned to
j causes overflow and results in the value
-1651507200 instead of
int i = 2000000000; long j = i*i; // causes overflow
In the following example, the assignment to
k correctly avoids overflow by casting one of the operands to type
int i = 2000000000; long k = i*(long)i; // avoids overflow
J. Bloch and N. Gafter, Java Puzzlers: Traps, Pitfalls, and Corner Cases, Puzzle 3. Addison-Wesley, 2005.
Java Language Specification: Multiplication Operator.
SEI CERT Oracle Coding Standard for Java: NUM00-J. Detect or prevent integer overflow.
Common Weakness Enumeration: CWE-190.
Common Weakness Enumeration: CWE-192.
Common Weakness Enumeration: CWE-197.
Common Weakness Enumeration: CWE-681.