JAVA.COMPARE.NAN
Do not attempt comparisons with NaN
Vulnerability and risk
Comparing a value with NaN using == always evaluates to false, even when the value is NaN, so a validation check written this way does not produce the expected outcome.
Mitigation and prevention
Use another approach, such as the isNaN() instance method or the static Double.isNaN(), for validation.
Vulnerable code example
package com.klocwork;

public class JAVA_COMPARE_NAN_POSITIVE {
    public static void test(String args[]) {
        double d = 1;
        // Defect: == against Double.NaN is never true, so this branch is dead code.
        if (d == Double.NaN) {
            return;
        }
    }
}
Fixed code example
package com.klocwork;

public class JAVA_COMPARE_NAN_NEGATIVE {
    public static void test(String args[]) {
        double d = 1;
        // Double.isNaN is the reliable test for NaN.
        if (Double.isNaN(d)) {
            return;
        }
    }
}
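
The following is an added example, not part of the original checker documentation. It shows how the defect plays out in input validation: a NaN parsed from a string gets past both the == guard and a range check, because every ordered comparison with NaN is false. The class name, method names and MAX_TRANSFER limit are hypothetical.

```java
// Added example: names and the limit below are hypothetical.
public class NanValidationDemo {
    static final double MAX_TRANSFER = 10_000.0; // constructed limit

    // Flawed: the == guard never fires, and the range check that follows
    // is built from comparisons that are all false when amount is NaN.
    static boolean isValidAmountFlawed(double amount) {
        if (amount == Double.NaN) {
            return false;
        }
        return !(amount < 0 || amount > MAX_TRANSFER);
    }

    // Corrected: reject NaN and infinities explicitly, then check the range
    // with positive conditions so an unordered value cannot fall through.
    static boolean isValidAmountFixed(double amount) {
        if (Double.isNaN(amount) || Double.isInfinite(amount)) {
            return false;
        }
        return amount >= 0 && amount <= MAX_TRANSFER;
    }

    public static void main(String[] args) {
        // Constructed inputs; Double.parseDouble accepts the literal "NaN".
        String[] samples = {"250.00", "-1", "NaN", "Infinity"};
        for (String s : samples) {
            double amount = Double.parseDouble(s);
            System.out.printf("%-8s flawed=%-5b fixed=%b%n",
                    s, isValidAmountFlawed(amount), isValidAmountFixed(amount));
        }

        // Primitive == and the boxed/total-order methods disagree about NaN:
        // Double.equals and Double.compare treat NaN as equal to itself.
        double nan = Double.NaN;
        System.out.println("nan == nan:            " + (nan == nan));
        System.out.println("Double.equals:         " + Double.valueOf(nan).equals(nan));
        System.out.println("Double.compare == 0:   " + (Double.compare(nan, Double.NaN) == 0));
    }
}
```

Only the "NaN" input is accepted by the flawed validator and rejected by the fixed one; the other three samples get the same verdict from both.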