...
Operating System | How to handle floating point errors | |||
|---|---|---|---|---|
Linux | Use the C99 floating point exception functions. | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="539ff2ae4e1ce85f-3b08d2f2-49ac4a4d-9a21bb3e-14152d37b335f88a2557f7b0"><ac:plain-text-body><![CDATA[ | Windows | Either use the C99 floating point exception function or structured exception handling through | AA. C References#MSDN]] | ]]></ac:plain-text-body></ac:structured-macro> |
...
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
FLP03-A | low | probable | high | P2 | L3 |
Automated Detection
The tool Compass / ROSE could detect violations of this rule, by ensuring that floating point operations are surrounded by feclearexcept() and fetestexcept(). It would need to look for type conversions to float or double, divisions (by a number not known to be nonzero) and multiplication. It may be wisest to apply this to all floating point operations in general.
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...