Float Overflow

Float Overflow (Numeric Imprecision) happen when a program perform floating-point arithmetic and does not handle the rounding imprecision or approximate representation. This can result into unexpected arithmetic result, non-deterministic program behaviour, data leak, security check bypass or denial of service.

Remediation

Make sure arithmetic result does not go beyond float or double range (see the remediation for Integer Overflow).
Perform rounding before using the result.
Read more about Float Overflow on SecDim Learn

Metadata

Severity: low
Slug: float-overflow

CWEs

190: Integer Overflow or Wraparound
128: Wrap-around Error
191: Integer Underflow (Wrap or Wraparound)

Available Labs

Open Java labs in SecDim Play for this vulnerability.

easy

Float Overflow.java

Java Easy

Play AppSec WarGames

Want to skill-up in secure coding and AppSec? Try SecDim Wargames to learn how to find, hack and fix security vulnerabilities inspired by real-world incidents.

For Companies Play Now

Got a comment?

Join our secure coding and AppSec community. A discussion board to share and discuss all aspects of secure programming, AppSec, DevSecOps, fuzzing, cloudsec, AIsec code review, and more.