 
Literal decimal floating-point numbers cannot always be precisely represented as an IEEE 754 floating-point value, because the underlying representation of double is binary. This imprecision becomes apparent when a BigDecimal is constructed from a double. Consequently, the BigDecimal(double val) constructor must not be passed a floating-point literal as an argument when doing so results in an unacceptable loss of precision.
Noncompliant Code Example
This noncompliant code example passes a double value to the BigDecimal constructor. Because the decimal literal 0.1 cannot be precisely represented by a double, the precision of the BigDecimal is affected.
```java
// Prints 0.1000000000000000055511151231257827021181583404541015625
// when run in FP-strict mode
System.out.println(new BigDecimal(0.1));
```
Compliant Solution
This compliant solution passes the decimal literal as a String so that the BigDecimal(String val) constructor is invoked and the precision is preserved:
```java
// Prints 0.1
// when run in FP-strict mode
System.out.println(new BigDecimal("0.1"));
```
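The following added example (not part of the original rule text) shows how the representation error introduced by the BigDecimal(double val) constructor survives exact BigDecimal arithmetic and changes the result of a comparison. The class and method names are assumptions made for illustration, and the BigDecimal.valueOf(double) case goes beyond what the rule itself discusses.

```java
import java.math.BigDecimal;

public class BigDecimalConstruction {

    // Sums `count` copies of `unit`, the way a ledger sums identical line items.
    // BigDecimal.add is exact, so any error already in `unit` is carried, not rounded away.
    static BigDecimal total(BigDecimal unit, int count) {
        BigDecimal sum = BigDecimal.ZERO;
        for (int i = 0; i < count; i++) {
            sum = sum.add(unit);
        }
        return sum;
    }

    // True when the total does not exceed the limit (a hypothetical policy check).
    static boolean withinLimit(BigDecimal unit, int count, BigDecimal limit) {
        return total(unit, count).compareTo(limit) <= 0;
    }

    public static void main(String[] args) {
        // Noncompliant: captures the exact binary value of the double nearest to 0.1.
        BigDecimal fromDouble = new BigDecimal(0.1);
        // Compliant: captures the decimal value written in the source.
        BigDecimal fromString = new BigDecimal("0.1");
        // For a double that only exists at run time: valueOf converts through
        // Double.toString(double), so it yields the shortest decimal that
        // round-trips to the same double rather than the full binary expansion.
        BigDecimal fromValueOf = BigDecimal.valueOf(0.1);

        BigDecimal limit = new BigDecimal("1.0"); // constructed threshold

        // Ten items of "0.1" should sit exactly on the limit.
        System.out.println("double  within limit: " + withinLimit(fromDouble, 10, limit));
        System.out.println("String  within limit: " + withinLimit(fromString, 10, limit));
        System.out.println("valueOf within limit: " + withinLimit(fromValueOf, 10, limit));

        // The scale exposes how many fractional digits each construction carries.
        System.out.println("scale from double:  " + fromDouble.scale());
        System.out.println("scale from String:  " + fromString.scale());
        System.out.println("equal values: " + (fromDouble.compareTo(fromString) == 0));
    }
}
```

Because the double nearest to 0.1 is slightly larger than 0.1, the total built from new BigDecimal(0.1) lands above the limit while the String-constructed total lands exactly on it.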
Risk Assessment
Using the BigDecimal(double val) constructor with decimal floating-point literals can lead to loss of precision.
| Rule | Severity | Likelihood | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|
| NUM10-J | Low | Probable | Yes | Yes | P6 | L2 |
Automated Detection
Automated detection is straightforward.
| Tool | Version | Checker | Description |
|---|---|---|---|
| Klocwork | | JAVA.BIGDEC.FLOAT | |
| Parasoft Jtest | | CERT.NUM10.BBDCC | Do not pass floating point values to the 'BigDecimal' constructor |
| PVS-Studio | | V6068 | |
| SonarQube | | S2111 | "BigDecimal(double)" should not be used |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this guideline on the CERT website.
Bibliography
[JLS 2005]