...
When converting integers to floating-point values, and vice versa, it is important to carry out proper range checks to avoid undefined behavior. (See rule FLP34-C. Ensure that floating point conversions are within range of the new type.)
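A range check of the kind FLP34-C calls for, as an added example (not code from the CERT standard): the hypothetical helpers `double_to_int_checked` and `convert_or` reject NaN, infinities and values whose truncation would not fit in `int`. It assumes a binary `double` whose significand is at least as wide as `int`, so both bounds are exact.

```c
#include <float.h>
#include <limits.h>
#include <math.h>
#include <stdbool.h>
#include <stdio.h>

/* Assumption: both bounds used below are exactly representable as double. */
_Static_assert(FLT_RADIX == 2 && DBL_MANT_DIG >= (int)(sizeof(int) * CHAR_BIT),
               "double cannot represent the int bounds exactly");

/* Hypothetical helper: store the truncated value of d in *out and return
 * true only when that value is representable as int. */
bool double_to_int_checked(double d, int *out) {
    if (isnan(d)) {
        return false;               /* NaN has no integer value */
    }
    /* Conversion truncates toward zero, so every d in the open interval
     * (INT_MIN - 1, INT_MAX + 1) is safe; infinities fall outside it. */
    if (d <= (double)INT_MIN - 1.0 || d >= (double)INT_MAX + 1.0) {
        return false;
    }
    *out = (int)d;
    return true;
}

/* Hypothetical wrapper: return fallback when the conversion is rejected. */
int convert_or(double d, int fallback) {
    int v;
    return double_to_int_checked(d, &v) ? v : fallback;
}

int main(void) {
    /* Constructed sample inputs covering the boundary cases. */
    const double samples[] = { 42.9, -42.9, (double)INT_MAX + 0.5,
                               (double)INT_MAX + 1.0, (double)INT_MIN - 1.0,
                               NAN, INFINITY };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int v;
        if (double_to_int_checked(samples[i], &v)) {
            printf("%g -> %d\n", samples[i], v);
        } else {
            printf("%g rejected: out of range for int\n", samples[i]);
        }
    }
    return 0;
}
```

Comparing against `INT_MAX` itself would wrongly reject values such as `INT_MAX + 0.5`, which truncate to a representable result; the open interval used here accepts them.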
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
CERT C++ Secure Coding Standard: FLP33-CPP. Convert integers to floating point for floating point operations
The CERT Oracle Secure Coding Standard for Java: FLP02-J. Convert integers to floating point for floating point operations
Bibliography
[Hatton 1995] Section 2.7.3, "Floating-point misbehavior"
[ISO/IEC 9899:1999] Section 5.2.4.2.2, "Characteristics of floating types <float.h>"
MITRE CWE: CWE-681, "Incorrect Conversion between Numeric Types" (http://cwe.mitre.org/data/definitions/681.html)
MITRE CWE: CWE-682, "Incorrect Calculation" (http://cwe.mitre.org/data/definitions/682.html)
...