According to C99, Section 5.1.2.3, "Program execution":
Rearrangement for floating-point expressions is often restricted because of limitations in precision as well as range. The implementation cannot generally apply the mathematical associative rules for addition or multiplication, nor the distributive rule, because of roundoff error, even in the absence of overflow and underflow. Likewise, implementations cannot generally replace decimal constants to rearrange expressions. In the following fragment, rearrangements suggested by mathematical rules for real
numbers are often not valid.
double x, y, z; /* ... */ x = (x * y) * z; // not equivalent tox *= y * z; z = (x - y) + y ; // not equivalent toz = x; z = x + x * y; // not equivalent toz = x * (1.0 + y); y = x / 5.0; // not equivalent toy = x * 0.2;
Risk Assessment
Recommendation |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
---|---|---|---|---|---|
FLP01-A |
1 (low) |
2 (probable) |
2 (medium) |
P4 |
L3 |
Search for vulnerabilities resulting from the violation of this rule on the CERT website