# Possible loss of precision¶

ID: cs/loss-of-precision
Kind: problem
Security severity:
Severity: error
Precision: high
Tags:
- reliability
- correctness
- external/cwe/cwe-190
- external/cwe/cwe-192
- external/cwe/cwe-197
- external/cwe/cwe-681
Query suites:
- csharp-security-and-quality.qls

Click to see the query in the CodeQL repository

Converting the result of dividing, or multiplying, two integral expressions to a floating-point value may result in a loss of precision. For integral division, any fractional component of the result will be lost. For integral multiplication, the result may be outside the integral range and overflow.

## Recommendation¶

For division, unless the intent is to round the result down to a whole number, you should cast one of the operands to a floating-point type before performing the division. For multiplication, unless the intent is to overflow, you should cast one of the operands to a floating-point type before performing the multiplication.

## Example¶

In this example c is equal to 5 because integer division is performed.

void DivisionLossOfPrecision()
{
int a = 21;
int b = 4;
float c = a / b;
}

Casting one of the integers to a float ensures that float division is used and the remainder will be maintained, giving c the value of 5.25.

void DivisionNoLossOfPrecision()
{
int a = 21;
int b = 4;
float c = (float)a / b;
}

In this example, if a is greater than 536,870,911 the result will overflow.

void MultiplicationLossOfPrecision(int a)
{
int b = 4;
float c = a * b;
}

Casting one of the integers to a float ensures that float multiplication is used and overflow is avoided.

void MultiplicationNoLossOfPrecision(int a)
{
int b = 4;
float c = (float)a * b;
}

## References¶

• J. Albahari and B. Albahari, C# 4.0 in a Nutshell - The Definitive Reference, p.24.

• MSDN, C# Reference / operator, * operator.

• Common Weakness Enumeration: CWE-190.

• Common Weakness Enumeration: CWE-192.

• Common Weakness Enumeration: CWE-197.

• Common Weakness Enumeration: CWE-681.