SEI CERT Perl Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 2

changes.mady.by.user David Svoboda

Saved on

compared with

New Version Current

changes.mady.by.user Will Snavely

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This compliant solution ensures that the loop counter computation involves numbers less than 2<superscript>24</superscript>
(248 (that is, 281,474,976,710,656).

Code Block
bgColor#ccccff
langperl
my $x = 10000000000000000;  # 1e+16
for (my $y = 0; $y <= 5; $y += 1) {
  my $z = $x + $y;
  print "$z\n";
}

...

1e+16
1e+16
1e+16
1e+16
1e+16
1e+16

Compliant Solution

This compliant solution uses the Bignum module to ensure precise computation. The Bignum module is available in CPAN, but became part of Perl's standard library for version 5.8.

Code Block
bgColor#ccccff
langperl
use bignum;
my $x = 10000000000000000;  # 1e+16
for (my $y = $x; $y <= $x + 5; $y += 1) {
  print "$y\n";
}

On a 32-bit machine, this program terminates normally after printing the following:

10000000000000000
10000000000000001
10000000000000002
10000000000000003
10000000000000004
10000000000000005

Risk Assessment

Failing to understand the limitations of floating-point numbers can result in unexpected computational results and exceptional conditions, possibly resulting in a violation of data integrity.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

INT01-PL

medium

probable

high

P4

L3

Bibliography

[Gough 2005] Section 8.6, "Floating-point issues"
[IEEE 754 2006] 
[CPAN]Florian Ragwitz, bignum
[Meta CPAN]perlnumber

 

...

Image Added Image Added Image Added