...
When precise computation is necessary, carefully and methodically estimate the maximum cumulative error of the computations, regardless of whether decimal or binary is used, to ensure that the resulting error is within tolerances. Consider using numerical analysis to properly understand the problem. An introduction can be found in [Goldberg 1991].
...
This noncompliant code example takes the mean of 10 identical numbers and checks to see if the mean matches this number. It should, because the ten numbers are all 10.1. Yet, because of the imprecision of floating-point arithmetic, the computed mean does not match this number.
...
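The comparison described above, as an added example (not the page's own code, which is elided here). The function names and the choice of storing values as integer tenths are assumptions made for this illustration; the integer version shows one way to keep the additions exact.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

#define N 10 /* constructed sample: ten copies of 10.1 */

/* Floating-point mean: every += rounds the running total to float. */
float mean_float(const float *a, size_t n) {
    float total = 0.0f;
    for (size_t i = 0; i < n; i++) total += a[i];
    return n ? total / (float)n : 0.0f;
}

/* Fixed-point mean over values held as integer tenths (10.1 -> 101).
 * Addition is exact. Returns 0 and stores the mean in tenths, or -1 if
 * n is 0, the sum would overflow, or the mean is not a whole tenth. */
int mean_tenths(const long *a, size_t n, long *mean) {
    long total = 0;
    if (n == 0 || n > (size_t)LONG_MAX) return -1;
    for (size_t i = 0; i < n; i++) {
        if ((a[i] > 0 && total > LONG_MAX - a[i]) ||
            (a[i] < 0 && total < LONG_MIN - a[i]))
            return -1;
        total += a[i];
    }
    if (total % (long)n != 0) return -1;
    *mean = total / (long)n;
    return 0;
}

/* Returns 1 if the float mean of ten 10.1f values equals 10.1f. */
int float_mean_matches(void) {
    float a[N];
    for (size_t i = 0; i < N; i++) a[i] = 10.1f;
    return mean_float(a, N) == 10.1f;
}

/* Returns 1 if the fixed-point mean of ten 101-tenths values is 101. */
int fixed_mean_matches(void) {
    long a[N], m = 0;
    for (size_t i = 0; i < N; i++) a[i] = 101;
    return mean_tenths(a, N, &m) == 0 && m == 101;
}

int main(void) {
    printf("float mean == 10.1f: %d\n", float_mean_matches());
    printf("tenths mean == 101:  %d\n", fixed_mean_matches());
    return 0;
}
```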
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
FLP02-C | low | probable | high | P2 | L3 |
Automated Detection
Tool | Version | Checker | Description |
---|---|---|---|
...
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this recommendation on the CERT website.
Other Languages
Related Guidelines
This rule appears in the C++ Secure Coding Standard as FLP02-CPP. Avoid using floating point numbers when precise computation is needed.
This rule appears in the Java Secure Coding Standard as FLP00-J. Avoid using floating point numbers when precise computation is needed.
Bibliography
[Goldberg 1991]
[IEEE 754 2006]
[ISO/IEC JTC1/SC22/WG11]
[ISO/IEC PDTR 24772] "PLF Floating Point Arithmetic"
[ISO/IEC DTR 24732]
...