Float Overflow

Float Overflow (Numeric Imprecision) happens when a program performs floating-point arithmetic and does not handle rounding imprecision or approximate representation. This can result in unexpected arithmetic results, non-deterministic program behaviour, data leaks, security check bypass or denial of service.

Remediation

  • Make sure the arithmetic result does not go beyond the `float` or `double` range (see the remediation for Integer Overflow).
  • Perform rounding before using the result.
  • Read more about Float Overflow on SecDim Learn: https://learn.secdim.com/course/patriot-bug
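
The two remediation points above, as an added example in C (not code from this page or from the SecDim labs): a limit check on a raw `double` sum beside a version that range-checks and rounds before comparing. The limit-check scenario, the function names and the `MAX_AMOUNT` bound are assumptions made for illustration.

```c
#include <float.h>
#include <stdbool.h>
#include <stdio.h>

#define MAX_AMOUNT 9.0e13  /* assumed business bound; cents stay below 2^53 */

/* Naive check on the raw double sum: true means "reject, limit reached". */
bool exceeds_limit_naive(const double *amounts, int n, double limit) {
    double total = 0.0;
    for (int i = 0; i < n; i++)
        total += amounts[i];
    return total >= limit;  /* false for NaN and for ten 0.1s against 1.0 */
}

/* Range check, then round to whole cents (add 0.5 and truncate).
   Returns -1 for NaN, infinity, negative or oversized values; NaN fails
   every comparison, so the single test below rejects it as well. */
static long long to_cents(double x) {
    if (!(x >= 0.0 && x <= MAX_AMOUNT))
        return -1;
    return (long long)(x * 100.0 + 0.5);
}

/* Hardened check: validate range, round, then compare exact integers.
   Fails closed (returns true) on any unusable value. */
bool exceeds_limit_checked(const double *amounts, int n, double limit) {
    long long limit_c = to_cents(limit), total_c = 0;
    if (limit_c < 0)
        return true;
    for (int i = 0; i < n; i++) {
        long long c = to_cents(amounts[i]);
        if (c < 0 || c >= limit_c - total_c)  /* also avoids integer overflow */
            return true;
        total_c += c;
    }
    return total_c >= limit_c;
}

int main(void) {
    double tenths[10], big = DBL_MAX, inf = big * 10.0;  /* constructed: +inf */
    double mixed[2] = { inf, -inf };                     /* sums to NaN */
    for (int i = 0; i < 10; i++)
        tenths[i] = 0.1;                 /* constructed: exact total is 1.0 */
    printf("ten 0.1s  naive=%d checked=%d\n",
           exceeds_limit_naive(tenths, 10, 1.0), exceeds_limit_checked(tenths, 10, 1.0));
    printf("inf, -inf naive=%d checked=%d\n",
           exceeds_limit_naive(mixed, 2, 1.0), exceeds_limit_checked(mixed, 2, 1.0));
    return 0;
}
```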

Metadata

  • Severity: low
  • Slug: float-overflow

CWEs

  • 190: Integer Overflow or Wraparound
  • 128: Wrap-around Error
  • 191: Integer Underflow (Wrap or Wraparound)

Available Labs

Open Csharp labs in SecDim Play for this vulnerability.
