...
| Wiki Markup |
|---|
Avoid using the primitive floating-point types when precise computation is necessary, especially when performing currency calculations. Instead, consider alternative representations that are able to completely represent the necessary values. Whatever representation you choose, you must carefully and methodically estimate the maximum cumulative error of the computations to ensure that the resulting error is within acceptable tolerances. Consider using numerical analysis to properly understand the problem. See \[[Goldberg 1991|AA. Bibliography#Goldberg 91]\] for an introduction to this topic. |
Noncompliant Code Example
This noncompliant code example performs some basic currency calculations.
...
| Code Block |
|---|
A dollar less 7 dimes is $0.29999999999999993 |
Compliant Solution
This compliant solution uses an integer type (such as long) and works with cents rather than dollars.
...
| Code Block |
|---|
A dollar less 7 dimes is 30 cents |
Compliant Solution
This compliant solution uses the BigDecimal type which provides exact representation of decimal values. Note that on most platforms computations performed using BigDecimal are less efficient than those performed using primitive types. The importance of this reduced efficiency is application-specific.
...
| Code Block |
|---|
A dollar less 7 dimes is $0.3 |
Risk Assessment
Using a floating-point representation can result in a loss of precision and accuracy when precise computation is required.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
NUM07-J | low | probable | high | P2 | L3 |
Automated Detection
Automated detection of floating-point arithmetic is straight-forward; determining which code suffers from insufficient precision is not feasible in the general case. Heuristic checks, such as flagging floating-point literals that cannot be represented precisely, could be useful.
Related Guidelines
C Secure Coding Standard | "FLP02-C. Avoid using floating point numbers when precise computation is needed" |
C++ Secure Coding Standard | "FLP02-CPP. Avoid using floating point numbers when precise computation is needed" |
Bibliography
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="c0c0381ca04ff2a2-25a8b00d-44e04fc1-b3f8a736-bdbd595357d2fd4a2a8a2cfe"><ac:plain-text-body><![CDATA[ | [[Bloch 2008 | AA. Bibliography#Bloch 08]] | Item 48: Avoid | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="4b102ed83313dca8-65ad9946-41624b34-b75ba948-829fb732c1409b5b6d68b0e5"><ac:plain-text-body><![CDATA[ | [[Bloch 2005 | AA. Bibliography#Bloch 05]] | Puzzle 2: Time for a Change | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="0b21cdf997090299-8c2eb50b-47fa465f-afb88104-3b98d026102daf349563893d"><ac:plain-text-body><![CDATA[ | [[Goldberg 1991 | AA. Bibliography#Goldberg 91]] |
| ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="1d933925fcbc9cfe-3ee2d242-404e4e1b-84269c81-a4d45348761b33912993701e"><ac:plain-text-body><![CDATA[ | [[IEEE 754 | AA. Bibliography#IEEE 754 2006]] |
| ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="6ea0e443c3ab98b2-3c7c35cb-49b143b3-bfab9d8b-23ccea22618bedfd3fbc5060"><ac:plain-text-body><![CDATA[ | [[JLS 2005 | AA. Bibliography#JLS 05]] | [§4.2.3, "Floating-Point Types, Formats, and Values" | http://java.sun.com/docs/books/jls/third_edition/html/typesValues.html#4.2.3] | ]]></ac:plain-text-body></ac:structured-macro> |
...