Decimal numbers cannot be precisely represented as a BigDecimal if the BigDecimal(double val) constructor is used.

Noncompliant Code Example

This noncompliant code example passes a double value to the BigDecimal constructor. Because of this, precision of the literal is affected.

// prints 0.1000000000000000055511151231257827021181583404541015625
System.out.println(new BigDecimal(0.1));

Compliant Solution

This compliant solution passes the decimal literal as a String so that the BigDecimal(String val) constructor is invoked. 

// prints 0.1
System.out.println(new BigDecimal("0.1"));

Risk Assessment

Using the BigDecimal constructor that accepts decimal literals can lead to loss of precision.

Guideline

Severity

Likelihood

Remediation Cost

Priority

Level

FLP08-J

low

probable

low

P6

L2

Automated Detection

TODO

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this guideline on the CERT website.

Bibliography

[JLS 2005]

FLP07-J. Do not use floating point variables as loop counters      07. Floating Point (FLP)      FLP09-J. Do not rely on the default string representation of floating point values