Page History

Decimal Literal decimal floating-point numbers cannot always be precisely represented as a BigDecimal if an IEEE 754 floating-point value. Consequently, the BigDecimal(double val) constructor is usedmust not be passed a floating-point literal as an argument when doing so results in an unacceptable loss of precision.

Noncompliant Code Example

This noncompliant code example passes a double value to the BigDecimal constructor. Because of thisthe decimal literal 0.1 cannot be precisely represented by a double, precision of the literal BigDecimal is affected.

// printsPrints 0.1000000000000000055511151231257827021181583404541015625
// when run in FP-strict mode 
System.out.println(new BigDecimal(0.1)); 

Compliant Solution

This compliant solution passes the decimal literal as a String so that the BigDecimal(String val) constructor is invoked . and the precision is preserved:

// printsPrints 0.1
// when run in FP-strict mode 
System.out.println(new BigDecimal("0.1"));

Risk Assessment

Using the BigDecimal constructor that accepts decimal (double val) constructor with decimal floating-point literals can lead to loss of precision.

Automated Detection

TODO

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

[JLS 2005]

Automated detection is straightforward.

Bibliography

[JLS 2015]
[Seacord 2015]	Image Added NUM10-J. Do not construct BigDecimal objects from floating-point literals LiveLesson

...

Image Added Image Added Image AddedFLP07-J. Do not use floating point variables as loop counters      07. Floating Point (FLP)      FLP09-J. Do not rely on the default string representation of floating point values