...
For information regarding floating-point number conversions, see FLP34-C. Ensure that floating-point conversions are within range of the new type.
The C standard does not require all implementations to support floating-point exceptions. Each exception macro in fenv.h is defined if, and only if, the corresponding exception is supported. Only implementations that use IEC 60559 (formerly IEEE-754) floating-point arithmetic are required to support all five exceptions defined by C (see the C Standard, Section 7.6.2 [ISO/IEC 9899:2011]). Nevertheless, these functions are the most portable solution for handling floating-point exceptions.
...
Operating System | How to Handle Floating-Point Errors |
|---|---|
Linux | Use the C floating-point exception functions. |
Windows | Use either the C floating-point exception functions or structured exception handling through |
Noncompliant Code Example
...
Search for vulnerabilities resulting from the violation of this recommendation on the CERT website.
Related Guidelines
| CERT C++ Secure Coding Standard | FLP03-CPP. Detect and handle floating point errors |
| MITRE CWE | CWE-369, Divide by zero |
Bibliography
| [IEEE 754] | |
| [Intel 2001] | |
| [Keil 2008] | |
| [MSDN] | "fpieee_flt (CRT)" |
| [Open Group 2004] | "fenv.h - Floating-point environment" |
| [SecurityFocus 2007] |