Floating-point numbers can take on two classes of exceptional values: infinity and NaN (not-a-number). These values are returned as the result of exceptional or otherwise unresolvable floating-point operations. (See also rule FLP32-C. Prevent or detect domain and range errors in math functions.) Additionally, they can be directly input by a user via scanf() or similar functions: the %f family of conversions, like strtod(), accepts the strings "nan", "inf" and "infinity" (in any case) as valid input. Failure to detect and handle such values can result in undefined behavior; for example, converting a NaN or an infinity to an integer type is undefined behavior in C.
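The check described above, written out as an added example that is not code from this page or from the CERT standard. It assumes the input arrives as text and is converted with strtod() (the same grammar scanf()'s %lf uses), and that the program later needs the value as an int; the enum, the function names and the sample inputs are the example's own.

```c
#include <ctype.h>
#include <errno.h>
#include <limits.h>
#include <math.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* Outcome of parsing one floating-point input. The names are this example's own. */
enum parse_status {
    PARSE_OK,            /* finite value stored in *out */
    PARSE_MALFORMED,     /* not a number, or trailing garbage */
    PARSE_NAN,           /* user typed "nan" (strtod accepts it) */
    PARSE_INFINITE,      /* user typed "inf" or "infinity" */
    PARSE_OUT_OF_RANGE   /* literal too large for double, e.g. "1e999" */
};

/*
 * Parse text with strtod() and accept only finite values.  strtod() (and the
 * %lf conversion of scanf()) treats "nan", "inf" and "infinity" as valid input,
 * case-insensitively, so the result has to be classified before it is used.
 * Values that underflow to zero or a subnormal are finite and are let through.
 */
enum parse_status parse_finite_double(const char *text, double *out)
{
    char *end = NULL;
    double v;

    if (text == NULL || out == NULL)
        return PARSE_MALFORMED;

    errno = 0;
    v = strtod(text, &end);
    if (end == text)                  /* no conversion could be performed */
        return PARSE_MALFORMED;
    while (isspace((unsigned char)*end))
        end++;                        /* tolerate trailing whitespace only */
    if (*end != '\0')
        return PARSE_MALFORMED;

    if (isnan(v))
        return PARSE_NAN;
    if (isinf(v))                     /* either typed as "inf" or overflowed */
        return errno == ERANGE ? PARSE_OUT_OF_RANGE : PARSE_INFINITE;

    *out = v;
    return PARSE_OK;
}

/*
 * Convert a double to int.  A plain (int)d is undefined behavior when d is
 * NaN, infinite or outside int's range, so the range check is done in
 * floating point before the cast.  NaN fails both comparisons and is
 * rejected too, so this is safe even if the caller skipped the parse check.
 */
bool double_to_int_checked(double d, int *out)
{
    if (!(d > (double)INT_MIN - 1.0 && d < (double)INT_MAX + 1.0))
        return false;
    *out = (int)d;                    /* fractional part discarded */
    return true;
}

/* Shows the hazard the page warns about: "%lf" accepts "nan" and reports success. */
bool scanf_accepts_nan(void)
{
    double d = 0.0;
    int matched = sscanf("nan", "%lf", &d);  /* constructed input */
    return matched == 1 && isnan(d);
}

int main(void)
{
    /* Constructed inputs standing in for what a user might type. */
    const char *inputs[] = { "3.25", "  7 ", "nan", "-inf", "INFINITY", "1e999", "12abc", "" };
    static const char *const names[] = { "ok", "malformed", "nan", "infinite", "out of range" };
    size_t i;

    for (i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        double v = 0.0;
        int n;
        enum parse_status st = parse_finite_double(inputs[i], &v);
        if (st == PARSE_OK && double_to_int_checked(v, &n))
            printf("%-10s -> %s, as int: %d\n", inputs[i], names[st], n);
        else
            printf("%-10s -> %s, rejected\n", inputs[i], names[st]);
    }
    return 0;
}
```

The classification is done on the parsed double rather than on the input string, because strtod() accepts several spellings of NaN and infinity and an overflowing literal also yields an infinity; checking errno separates a typed "inf" from an overflow, which an application may want to report differently.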
...
Search for vulnerabilities resulting from the violation of this recommendation on the CERT website.
Related Guidelines
CERT C++ Secure Coding Standard: FLP04-CPP. Check floating point inputs for exceptional values
The CERT Oracle Secure Coding Standard for Java: FLP06-J. Check floating point inputs for exceptional values
Bibliography
[IEEE 754 2006]
[ISO/IEC 9899:1999]
[IEEE 1003.1, 2004]
...