80 lines
2.6 KiB
Plaintext
80 lines
2.6 KiB
Plaintext
== Why is this an issue?
|
|
|
|
The `BigDecimal` is used to represents immutable, arbitrary-precision signed decimal numbers.
|
|
|
|
Differently from the `BigDecimal`, the `double` primitive type and the `Double` type have limited precision
|
|
due to the use of double-precision 64-bit IEEE 754 floating point. Because of floating point imprecision,
|
|
the `BigDecimal(double)` constructor can be somewhat unpredictable.
|
|
|
|
For example writing `new BigDecimal(0.1)` doesn't create a BigDecimal which is exactly equal to 0.1,
|
|
but it is equal to 0.1000000000000000055511151231257827021181583404541015625.
|
|
This is because 0.1 cannot be represented exactly as a double (or, for that matter, as a binary fraction of any finite length).
|
|
|
|
== How to fix it
|
|
|
|
Use `BigDecimal.valueOf`, which uses a string under the covers to eliminate floating point rounding errors,
|
|
or the constructor that takes a `String` argument.
|
|
|
|
=== Code examples
|
|
|
|
==== Noncompliant code example
|
|
|
|
[source,java,diff-id=1,diff-type=noncompliant]
|
|
----
|
|
double d = 1.1;
|
|
|
|
BigDecimal bd1 = new BigDecimal(d); // Noncompliant
|
|
BigDecimal bd2 = new BigDecimal(1.1); // Noncompliant
|
|
----
|
|
|
|
==== Compliant solution
|
|
|
|
[source,java,diff-id=1,diff-type=compliant]
|
|
----
|
|
double d = 1.1;
|
|
|
|
BigDecimal bd1 = BigDecimal.valueOf(d); // Compliant
|
|
BigDecimal bd2 = new BigDecimal("1.1"); // Compliant
|
|
----
|
|
|
|
== Resources
|
|
|
|
=== Documentation
|
|
|
|
* https://docs.oracle.com/en/java/javase/20/docs/api/java.base/java/math/BigDecimal.html[Oracle - BigDecimal]
|
|
* https://wiki.sei.cmu.edu/confluence/x/kzdGBQ[CERT, NUM10-J] - Do not construct BigDecimal objects from floating-point literals
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
'''
|
|
== Implementation Specification
|
|
(visible only on this page)
|
|
|
|
=== Message
|
|
|
|
Use "BigDecimal.valueOf" instead.
|
|
|
|
|
|
'''
|
|
== Comments And Links
|
|
(visible only on this page)
|
|
|
|
=== on 7 Oct 2014, 16:24:30 Nicolas Peru wrote:
|
|
\[~ann.campbell.2] we might want to refer or quote the JavaDoc of BigDecimal double constructor here : \http://docs.oracle.com/javase/7/docs/api/java/math/BigDecimal.html#BigDecimal(double)
|
|
|
|
=== on 10 Oct 2014, 15:13:53 Freddy Mallet wrote:
|
|
Perfect !
|
|
|
|
=== on 16 Jan 2015, 09:32:59 Sébastien Gioria wrote:
|
|
Coudl be tag "security" as it's part of the CERT Secure Coding for Java (\https://www.securecoding.cert.org/confluence/display/java/NUM10-J.+Do+not+construct+BigDecimal+objects+from+floating-point+literals)
|
|
|
|
|
|
|
|
=== on 19 Jan 2015, 08:42:15 Ann Campbell wrote:
|
|
Thanks [~sebastien.gioria], reference added!
|
|
|
|
=== on 14 Jul 2016, 16:04:49 Ann Campbell wrote:
|
|
https://github.com/google/error-prone/blob/master/docs/bugpattern/BigDecimalLiteralDouble.md
|
|
|
|
endif::env-github,rspecator-view[]
|