SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 36

changes.mady.by.user Aaron Ballman

Saved on

compared with

New Version 37

changes.mady.by.user Carol J. Lallier

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Narrower primitive types can be cast to wider types without any effect on the magnitude of numeric values. However, whereas integers represent exact values, floating-point numbers have limited precision. Subclause 6.3.1.4 of the C Standard [ISO/IEC 9899:2011] states:

When a value of integer type is converted to a real floating type, if the value being converted can be represented exactly in the new type, it is unchanged. If the value being converted is in the range of values that can be represented but cannot be represented exactly, the result is either the nearest higher or nearest lower representable value, chosen in an implementation-defined manner. If the value being converted is outside the range of values that can be represented, the behavior is undefined.

...

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

FLP36-C

low

unlikely

medium

P2

L3

 

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

CERT C Secure Coding StandardDCL03-C. Use a static assertion to test the value of a constant expression
CERT C++ Secure Coding StandardFLP36-CPP. Beware of precision loss when converting integral types to floating point
CERT Oracle Secure Coding Standard for JavaNUM13-J. Avoid loss of precision when converting primitive integers to floating-point

Bibliography

[ISO/IEC 9899:2011]Subclause 6.3.1.4, "Real floating Floating and integerInteger"

 

...