SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 35

changes.mady.by.user Carol J. Lallier

Saved on

compared with

New Version 36

changes.mady.by.user Aaron Ballman

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Narrower primitive types can be cast to wider types without any effect on the magnitude of numeric values. However, whereas integers represent exact values, floating-point numbers have limited precision. Section Subclause 6.3.1.4 of the C Standard [ISO/IEC 9899:2011] states:

...

When compiled with GCC 4.38.2 1 on Linux, this program prints the value -46.

...

Code Block
bgColor#ccccff
langc
#include <assert.h>
#include <stdio.h>
#include <float.h>
 
/* define8 or= includebits a/ definition of static_assert char */

static_assert(sizeof(int) * 8 <= DBL_MANT_DIG); // 8 = bits / char

int main() {
  int big = 1234567890;
  double approx = big;
  printf("%d\n", (big - (int)approx));
  return 0;
}

...

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

FLP36-C

low

unlikely

medium

P2

L3

...

 

TODO

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

CERT C Secure Coding StandardDCL03-C. Use a static assertion to test the value of a constant expression
CERT C++ Secure Coding StandardFLP36-CPP. Beware of precision loss when converting integral types to floating point
CERT Oracle Secure Coding Standard for JavaNUM13-J. Avoid loss of precision when converting primitive integers to floating-point

Bibliography

[ISO/IEC 9899:2011]Section 6Subclause 6.3.1.4, "Real Floating floating and Integerinteger"

 

...