Pythagorean calculation with sub-optimal numerics¶
ID: py/pythagoreanKind: problemSecurity severity: Severity: warningPrecision: mediumTags: - accuracyQuery suites: - python-security-and-quality.qls
Click to see the query in the CodeQL repository
Calculating the length of the hypotenuse using the standard formulac=sqrt(a**2+b**2) may lead to overflow if the two other sides are both very large. Even thoughc will not be much bigger thanmax(a,b), eithera**2 orb**2 (or both) will. Thus, the calculation could overflow, even though the result is well within representable range.
Recommendation¶
Rather thansqrt(a**2+b**2), use the built-in functionhypot(a,b) from themath library.
Example¶
The following code shows two different ways of computing the hypotenuse. The first is a direct rewrite of the Pythagorean theorem, the second uses the built-in function.
# We know that a^2 + b^2 = c^2, and wish to use this to compute cfrommathimportsqrt,hypota=3e154# a^2 > 1e308b=4e154# b^2 > 1e308# with these, c = 5e154 which is less that 1e308deflongSideDirect():returnsqrt(a**2+b**2)# this will overflowdeflongSideBuiltin():returnhypot(a,b)# better to use built-in function
References¶
Python Language Reference:The hypot function
Wikipedia:Hypot.