 
The object representation for floating-point values is implementation defined. However, an implementation that defines the `__STDC_IEC_559__` macro shall conform to the IEC 60559 floating-point standard and use what is frequently referred to as IEEE 754 floating-point arithmetic [ISO/IEC 9899:2024]. The floating-point object representation used by IEC 60559 is one of the most common floating-point object representations in use today.
All floating-point object representations use specific bit patterns to encode the value of the floating-point number being represented. However, equivalence of floating-point values is not encoded solely by the bit pattern used to represent the value. For instance, if the floating-point format supports negative zero values (as IEC 60559 does), the values -0.0 and 0.0 are equivalent and will compare as equal, but the bit patterns used in the object representation are not identical. Similarly, if two floating-point values are both (the same) NaN, they will not compare as equal, despite the bit patterns being identical, because they are not equivalent.
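The two cases described above, as an added example that is not part of the original rule text. It assumes an IEC 60559 `float`; `struct reading` and the function names are hypothetical and exist only for this illustration.

```c
#include <math.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical record type, used only for this illustration. */
struct reading {
    int sensor_id;
    float value;
};

/* Zero the whole object first so any padding bytes are deterministic. */
void reading_init(struct reading *r, int id, float v)
{
    memset(r, 0, sizeof *r);
    r->sensor_id = id;
    r->value = v;
}

/* Noncompliant: compares object representations byte by byte. */
bool reading_equal_bytes(const struct reading *a, const struct reading *b)
{
    return memcmp(a, b, sizeof *a) == 0;
}

/* Compliant: compares members by value, so floating-point rules apply. */
bool reading_equal_values(const struct reading *a, const struct reading *b)
{
    return a->sensor_id == b->sensor_id && a->value == b->value;
}

int main(void)
{
    struct reading pos, neg, nan_a, nan_b;

    reading_init(&pos, 1, 0.0f);
    reading_init(&neg, 1, -0.0f);
    reading_init(&nan_a, 1, NAN);
    memcpy(&nan_b, &nan_a, sizeof nan_b);   /* bit-identical NaN */

    printf("0.0 vs -0.0: bytes=%d values=%d\n",
           reading_equal_bytes(&pos, &neg), reading_equal_values(&pos, &neg));
    printf("NaN vs NaN:  bytes=%d values=%d\n",
           reading_equal_bytes(&nan_a, &nan_b),
           reading_equal_values(&nan_a, &nan_b));
    return 0;
}
```

The byte comparison gets both cases backwards relative to floating-point equivalence: it separates the two zeros and matches the two NaNs.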
...
Using the object representation of a floating-point value for comparisons can lead to incorrect equality results, which can lead to unexpected behavior.
| Rule | Severity | Likelihood | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|
| FLP37-C | Low | Unlikely | Yes | Yes | P3 | L3 |
Automated Detection
| Tool | Version | Checker | Description |
|---|---|---|---|
| Astrée | | memcmp-with-float | Partially checked |
| Axivion Bauhaus Suite | | CertC-FLP37 | Fully implemented |
| Cppcheck Premium | | premium-cert-flp37-c | |
| Helix QAC | | C5026 C++3118 | |
| Klocwork | | MISRA.STDLIB.MEMCMP.PTR_ARG_TYPES | |
| LDRA tool suite | | 618 S | Enhanced Enforcement |
| Parasoft C/C++test | | CERT_C-FLP37-c | Do not use object representations to compare floating-point values |
| PC-lint Plus | | 2498, 2499 | Fully supported |
| | | CERT C: Rule FLP37-C | Checks for memory comparison of floating-point values (rule fully covered) |
| PVS-Studio | | V1014 | |
| RuleChecker | | memcmp-with-float | Partially checked |
| TrustInSoft Analyzer | | | Exhaustively verified. |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Bibliography
...
...