Possible loss of precision¶
ID: cs/loss-of-precisionKind: problemSecurity severity: Severity: errorPrecision: highTags: - quality - reliability - correctness - external/cwe/cwe-190 - external/cwe/cwe-192 - external/cwe/cwe-197 - external/cwe/cwe-681Query suites: - csharp-security-and-quality.qls
Click to see the query in the CodeQL repository
Converting the result of dividing, or multiplying, two integral expressions to a floating-point value may result in a loss of precision. For integral division, any fractional component of the result will be lost. For integral multiplication, the result may be outside the integral range and overflow.
Recommendation¶
For division, unless the intent is to round the result down to a whole number, you should cast one of the operands to a floating-point type before performing the division. For multiplication, unless the intent is to overflow, you should cast one of the operands to a floating-point type before performing the multiplication.
Example¶
In this examplec is equal to 5 because integer division is performed.
voidDivisionLossOfPrecision(){inta=21;intb=4;floatc=a/b;}
Casting one of the integers to a float ensures that float division is used and the remainder will be maintained, givingc the value of 5.25.
voidDivisionNoLossOfPrecision(){inta=21;intb=4;floatc=(float)a/b;}
In this example, ifa is greater than 536,870,911 the result will overflow.
voidMultiplicationLossOfPrecision(inta){intb=4;floatc=a*b;}
Casting one of the integers to a float ensures that float multiplication is used and overflow is avoided.
voidMultiplicationNoLossOfPrecision(inta){intb=4;floatc=(float)a*b;}
References¶
J. Albahari and B. Albahari,C# 4.0 in a Nutshell - The Definitive Reference, p.24.
MSDN, C# Reference/ operator,* operator.
Common Weakness Enumeration:CWE-190.
Common Weakness Enumeration:CWE-192.
Common Weakness Enumeration:CWE-197.
Common Weakness Enumeration:CWE-681.