JDK-6708398 : Support integer overflow
  • Type: Enhancement
  • Component: core-libs
  • Sub-Component: java.lang
  • Affected Version: 6
  • Priority: P4
  • Status: Closed
  • Resolution: Fixed
  • OS: windows_vista
  • CPU: x86
  • Submitted: 2008-05-29
  • Updated: 2022-01-13
  • Resolved: 2012-05-07
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 8
8 b28Fixed
Related Reports
Relates :  
JDK-8279986 - intrinsic methods Math::asXExact for safely checked primitive casts
Relates :  
JDK-8075806 - divideExact is missing in java.lang.Math
Relates :  
JDK-8154433 - Add Math.toLongExact(double) and Math.toDoubleExact(long)
Description
A DESCRIPTION OF THE REQUEST :
Operations on integer values are performed in modulo arithmetic, and
as a result do not throw exceptions when the result cannot be represented.
  To detect results that cannot be represented, the programmer has to add
lengthy and complex code, which seldom is done.
This makes Java applications weak when facing security attacks.
Security vulnerabilities are more and more filed regarding integer overflows.
This is becoming thus a big weak spots in applications.


JUSTIFICATION :
An enhancement is necessary to close a hole in security.

EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
There is a need for integer operations that can throw an exception when
the result cannot be represented. This can be provided in several ways:
with a new primitive type, or with new operations, or with some compilation
option.
ACTUAL -
Integer operations do not throw exceptions whe they cannot represent the
result, and do not allow to easily check overflow either.
Comments
SUGGESTED FIX Added methods to java.lang.Math and java.lang.StrictMath for addExact, subtractExact, multiplyExact, and toIntExact for int and long types. The method throw ArithmeticExceptions if the result is out of range.
16-02-2012
EVALUATION The BigInteger type can be used when range-unrestircted integers are helpful.
10-06-2008