...

This noncompliant code example accepts user input without checking it for exceptional floating-point values. Double.valueOf() does not throw NumberFormatException for the strings "NaN", "Infinity" or "-Infinity", nor for a numeric literal too large to represent (such as "1e309"), which overflows to infinity. The range check does not compensate: NaN compares false to every value, and -Infinity is below the bound, so both pass the test and are added to currentBalance, which then becomes NaN or -Infinity.

double currentBalance; // User's cash balance

void doDeposit(String userInput) {
  double val = 0;
  try {
    val = Double.valueOf(userInput); // Accepts "NaN", "Infinity", "-Infinity" and overflowing literals
  } catch (NumberFormatException e) {
    // Handle input format error
  }

  // Rejects +Infinity, but NaN and -Infinity both compare false here and slip through
  if (val >= Double.MAX_VALUE - currentBalance) {
    // Handle range error
  }

  currentBalance += val; // Becomes NaN or -Infinity for the inputs above
}

...

This compliant solution validates the floating-point value before using it. Double.isInfinite() rejects both positive and negative infinity, and Double.isNaN() rejects NaN; NaN must be tested with this method, because a comparison such as val == Double.NaN is always false. Only a finite value reaches the range check and the addition. On Java 8 and later, Double.isFinite(val) performs both tests in one call.

double currentBalance; // User's cash balance

void doDeposit(String userInput) {
  double val = 0;
  try {
    val = Double.valueOf(userInput);
  } catch (NumberFormatException e) {
    // Handle input format error
  }

  if (Double.isInfinite(val)) { // True for both Infinity and -Infinity
    // Handle infinity error
  }

  if (Double.isNaN(val)) { // The only reliable way to detect NaN
    // Handle NaN error
  }

  if (val >= Double.MAX_VALUE - currentBalance) {
    // Handle range error
  }
  currentBalance += val;
}
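The following runnable class is an added example, not code from the CERT page: it feeds a set of constructed inputs through both patterns above so the difference is visible. The class and method names (DepositValidationDemo, depositUnchecked, depositChecked) are this example's own, and Double.isFinite() is used in the checked variant as the Java 8+ shorthand for the two tests the compliant solution performs separately.

```java
/**
 * Added example (not part of the original page): compares a deposit routine
 * that relies on a range check alone against one that rejects exceptional
 * values first. All inputs are constructed test data.
 */
public class DepositValidationDemo {

    private double currentBalance; // User's cash balance

    /** Noncompliant pattern: range check only, no NaN or infinity test. */
    boolean depositUnchecked(String userInput) {
        double val;
        try {
            val = Double.valueOf(userInput);
        } catch (NumberFormatException e) {
            return false; // Input format error
        }
        // NaN compares false to everything and -Infinity is below the bound,
        // so both pass this check and poison currentBalance.
        if (val >= Double.MAX_VALUE - currentBalance) {
            return false; // Range error
        }
        currentBalance += val;
        return true;
    }

    /** Compliant pattern: reject NaN and both infinities before any arithmetic. */
    boolean depositChecked(String userInput) {
        double val;
        try {
            val = Double.valueOf(userInput);
        } catch (NumberFormatException e) {
            return false; // Input format error
        }
        // Double.isFinite(val) (Java 8+) is !Double.isNaN(val) && !Double.isInfinite(val).
        if (!Double.isFinite(val)) {
            return false; // Exceptional value: NaN, Infinity or -Infinity
        }
        if (val >= Double.MAX_VALUE - currentBalance) {
            return false; // Range error: the sum would overflow
        }
        currentBalance += val;
        return true;
    }

    double balance() {
        return currentBalance;
    }

    public static void main(String[] args) {
        // Constructed inputs. None of them throws NumberFormatException:
        // "1e309" overflows to Infinity; the three exceptional literals are accepted as written.
        String[] inputs = {"100.50", "1e309", "Infinity", "-Infinity", "NaN"};

        for (String input : inputs) {
            DepositValidationDemo unchecked = new DepositValidationDemo();
            DepositValidationDemo checked = new DepositValidationDemo();
            boolean u = unchecked.depositUnchecked(input);
            boolean c = checked.depositChecked(input);
            System.out.printf("%-10s parsed=%-10s unchecked: accepted=%-5b balance=%-10s checked: accepted=%-5b balance=%s%n",
                    input, Double.valueOf(input), u, unchecked.balance(), c, checked.balance());
        }
    }
}
```

Running the class shows that the unchecked routine correctly rejects "1e309" and "Infinity" (positive infinity does exceed the bound) but accepts "-Infinity" and "NaN", leaving a balance of -Infinity and NaN respectively, while the checked routine rejects all four exceptional inputs and accepts only "100.50".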

...

Automated detection is infeasible in the general case. It may be possible to develop a taint-like analysis that detects many interesting cases.

Related Guidelines

Bibliography