...
Failing to understand the limitations of floating-point numbers can result in unexpected computational results and exceptional conditions, possibly resulting in a violation of data integrity.
Recommendation | Severity | Likelihood |
|---|
Detectable | Repairable | Priority | Level |
|---|---|---|---|
FLP00-C | Medium | Probable | No |
No | P4 | L3 |
Automated Detection
Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| CodeSonar |
| LANG.ARITH.FMULOFLOW LANG.ARITH.FPEQUAL | Float multiplication overflow Floating point equality | ||||||
| ECLAIR |
| CC2.FLP00 | Fully implemented | ||||||
| Helix QAC |
| C0275, C0581, C1490, C3339, | |||||||
| Parasoft C/C++test |
| CERT_C-FLP00-a | Floating-point expressions shall not be tested for equality or inequality | |||||||
| PC-lint Plus |
| 777, 9252 | Partially supported | ||||||
| CERT C: Rec. FLP00-C | Checks for absorption of float operand (rec. partially covered) |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this recommendation on the CERT website.
Related Guidelines
...
Bibliography
| [Gough 2005] | Section 8.6, "Floating-Point Issues" |
| [Hatton 1995] | Section 2.7.3, "Floating-Point Misbehavior" |
| [IEEE 754 2006] |
| [Lockheed Martin 2005] | AV Rule 202, Floating-point variables shall not be tested for exact equality or inequality |
...