
...
A less portable but potentially more secure solution is to use the capabilities provided by the underlying implementation. If this approach is taken, the caveats of that system must be well understood. The following table provides a starting point for some common operating systems:
Operating System | How to Handle Floating-Point Errors |
---|---|
Linux | Use the C floating-point exception functions |
Windows | Use either the C floating-point exception functions or structured exception handling through |
Noncompliant Code Example
...
Undetected floating-point errors may result in lower program efficiency, inaccurate results, or software vulnerabilities. Most processors stall for a significant duration when an operation incurs a NaN (not a number) value.
Recommendation | Severity | Likelihood | Detectable | Repairable | Priority | Level |
---|---|---|---|---|---|---|
FLP03-C | Low | Probable | No | No | P2 | L3 |
Automated Detection
Tool | Version | Checker | Description |
---|---|---|---|
Astrée | | float-division-by-zero | Partially checked |
Compass/ROSE | | | Could detect violations of this rule by ensuring that floating-point operations are surrounded by |
LDRA tool suite | | 43 D | Partially implemented |
Parasoft C/C++test | | CERT_C-FLP03-a | Avoid division by zero |
Parasoft Insure++ | | | Runtime analysis |
PC-lint Plus | | 736, 9120, 9227 | Assistance provided |
Polyspace Bug Finder | | | Checks for: Invalid use of standard library floating point routine; Overflow when converting between floating point data types; Overflow from operation between floating points; Wrong arguments to standard library function. Rec. partially covered. |
Security Reviewer - Static Reviewer | | C87 | Fully implemented |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this recommendation on the CERT website.
Related Guidelines
SEI CERT C++ Coding Standard | VOID FLP03-CPP. Detect and handle floating point errors |
MITRE CWE | CWE-369, Divide by zero |
...
...