Literal decimal floating-point numbers cannot always be precisely represented as an IEEE 754 floating-point value. Consequently, the BigDecimal(double val) constructor must not be passed a floating-point literal as an argument when doing so results in an unacceptable loss of precision.

Noncompliant Code Example

This noncompliant code example passes a double value to the BigDecimal constructor. Because the decimal literal 0.1 cannot be precisely represented by a double, the precision of the BigDecimal is affected.

import java.math.BigDecimal;

// Prints 0.1000000000000000055511151231257827021181583404541015625
// when run in FP-strict mode
System.out.println(new BigDecimal(0.1));

Compliant Solution

This compliant solution passes the decimal literal as a String so that the BigDecimal(String val) constructor is invoked and the precision is preserved:

import java.math.BigDecimal;

// Prints 0.1
// when run in FP-strict mode
System.out.println(new BigDecimal("0.1"));
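
The following is an added example, not part of the original rule text. It checks which decimal literals survive the BigDecimal(double val) constructor exactly, and shows how the error carries into later arithmetic. The class and method names (BigDecimalLiteralCheck, exactAsDouble, sum) are hypothetical and the sample literals are constructed.

```java
import java.math.BigDecimal;

public class BigDecimalLiteralCheck {

    // True when the decimal text survives the round trip through double
    // unchanged, i.e. BigDecimal(double) would lose nothing for this literal.
    static boolean exactAsDouble(String literal) {
        double d = Double.parseDouble(literal);
        if (!Double.isFinite(d)) {
            return false; // overflowed to Infinity; BigDecimal(double) would throw
        }
        return new BigDecimal(literal).compareTo(new BigDecimal(d)) == 0;
    }

    // Adds the same amount n times, as an accumulation loop might.
    static BigDecimal sum(BigDecimal amount, int n) {
        BigDecimal total = BigDecimal.ZERO;
        for (int i = 0; i < n; i++) {
            total = total.add(amount);
        }
        return total;
    }

    public static void main(String[] args) {
        // Constructed sample literals: 0.5 and 0.25 are sums of powers of two,
        // 0.1 and 19.99 have no finite binary expansion.
        for (String s : new String[] {"0.5", "0.25", "0.1", "19.99"}) {
            System.out.println(s + " exact as double: " + exactAsDouble(s));
        }

        BigDecimal one = new BigDecimal("1.0");
        BigDecimal fromDouble = sum(new BigDecimal(0.1), 10);   // noncompliant
        BigDecimal fromString = sum(new BigDecimal("0.1"), 10); // compliant

        // compareTo ignores scale, so only a real difference in value shows up.
        System.out.println("double ctor sum equals 1.0: "
                + (fromDouble.compareTo(one) == 0));
        System.out.println("String ctor sum equals 1.0: "
                + (fromString.compareTo(one) == 0));
        System.out.println("accumulated error: "
                + fromDouble.subtract(one).toPlainString());
    }
}
```

Because BigDecimal arithmetic is exact, the representation error introduced by the double constructor is never rounded away; it is carried through every later operation and comparison.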

Risk Assessment

Using the BigDecimal(double val) constructor with decimal floating-point literals can lead to loss of precision.

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| NUM10-J | Low | Probable | Low | P6 | L2 |

Automated Detection

Automated detection is straightforward.

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this guideline on the CERT website.

Bibliography

[JLS 2005]

...

| Tool | Version | Checker | Description |
|---|---|---|---|
| Parasoft Jtest | | CERT.NUM10.BBDCC | Do not pass floating point values to the 'BigDecimal' constructor |
| PVS-Studio | | V6068 | |
| SonarQube | | S2111 | "BigDecimal(double)" should not be used |
