SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 74

changes.mady.by.user John Benito

Saved on

compared with

New Version 75

changes.mady.by.user Carol J. Lallier

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
bgColor#ccccff
langc
signed long sl1, sl2, result;

/* Initialize sl1 and sl2 */

if ( (sl2 == 0) || ( (sl1 == LONG_MIN) && (sl2 == -1) ) ) {
  /* handleHandle error condition */
}
else {
  result = sl1 / sl2;
}

...

Code Block
bgColor#ccccff
langc
signed long sl1, sl2, result;

/* Initialize sl1 and sl2 */

if ( (sl2 == 0 ) || ( (sl1 == LONG_MIN) && (sl2 == -1) ) ) {
  /* handleHandle error condition */
}
else {
  result = sl1 % sl2;
}

...

Tool

Version

Checker

Description

Compass/ROSE

  

Can detect some violations of this rule. In particular, it ensures that all operations involving division or modulo are preceded by a check ensuring that the second operand is nonzero.

Coverity6.5DIVIDE_BY_ZEROFully Implemented.
Fortify SCA5.0 

Can detect violations of this rule with CERT C Rule Pack.

LDRA tool suite

Include Page
LDRA_V
LDRA_V

43 D
248 S

Partially implemented.
PRQA QA-C
Include Page
PRQA_V
PRQA_V

2830 (C)
2831 (D)
2832 (A)
2833 (S)
2834 (P)

Fully implemented.

...

CERT C++ Secure Coding StandardINT33-CPP. Ensure that division and modulo operations do not result in divide-by-zero errors
CERT Oracle Secure Coding Standard for JavaNUM02-J. Ensure that division and modulo operations do not result in divide-by-zero errors
ISO/IEC TS 17961 (Draft)Integer division errors [diverr]
MITRE CWECWE-369, Divide by zero

Bibliography

[Seacord 20052013]Chapter 5, "IntegersInteger Security"
[Warren 2002]Chapter 2, "Basics"

...