SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 58

changes.mady.by.user David Svoboda

Saved on

compared with

New Version 59

changes.mady.by.user Melanie Thompson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Conversion from floating-point to integer may cause an "invalid" floating-point exception. If this occurs, the value of that integer is undefined and should not be used.
  • Most implementations fail to raise "invalid" for conversions from any negative or "large" positive floating-point values to unsigned integer types or to signed char. (see See tflt2int.c.).
  • When a noninteger floating-point value is converted to an integer the "inexact" floating-point exception is raised.

...

C99 does not require all implementations to support floating-point exceptions. Each exception macro in fenv.h is defined if, and only if, the corresponding exception is supported. Only implementations that use IEC 60559 (formerly IEEE-754) floating-point arithmetic are required to support all five exceptions defined by C99. Nevertheless, these functions are the most portable solution for handling floating-point exceptions.

...

Operating System

How to handle floating point errors

Linux
Solaris 10
AIX 5.3
HP-UX 11.31
Mac OS X 10.5

Use the C99 floating-point exception functions.

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="aa55f7f4c1bfb030-70df7b20-42054041-a2559ae5-85021e394b58378aa146d4e2"><ac:plain-text-body><![CDATA[

Windows

Either use the C99 floating-point exception function or structured exception handling through _fpieee_flt [[MSDN

AA. Bibliography#MSDN]]

]]></ac:plain-text-body></ac:structured-macro>

...

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

FLP03-C

low

probable

high

P2

L3

Automated Detection

Tool

Version

Checker

Description

Section

Compass/ROSE

 

 

Section

could detect violations of this rule, by ensuring that floating point operations are surrounded by feclearexcept() and fetestexcept(). It would need to look for type conversions to float or double, divisions (by a number not known to be nonzero) and multiplication. It may be wisest to apply this to all floating point operations in general

...

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule recommendation on the CERT website.

Other Languages

Related Guidelines

This rule appears in the C++ Secure Coding Standard as : FLP03-CPP. Detect and handle floating point errors.

Bibliography

Wiki Markup
\[[IEEE 754|AA. Bibliography#IEEE 754 2006]\]
\[[Intel 012001|AA. Bibliography#Intel 01]\]
\[[Keil 082008|AA. Bibliography#Keil 08]\]
\[[MITRE 072007|AA. Bibliography#MITRE 07]\] [CWE ID 369|http://cwe.mitre.org/data/definitions/369.html], "Divide By Zero"
\[[MSDN|AA. Bibliography#MSDN]\] "[fpieee_flt (CRT)|http://msdn.microsoft.com/en-us/library/te2k2f2t(VS.80).aspx]"
\[[Open Group 042004|AA. Bibliography#Open Group 04]\] "[{{fenv.h}} - Floating-point environment|http://www.opengroup.org/onlinepubs/009695399/basedefs/fenv.h.html]"
\[[SecurityFocus 072007|AA. Bibliography#SecurityFocus 07]\]

...