...
This non-compliant code example may result in a signed integer overflow during the addition of the signed operands si1 and si2. If this behavior is unanticipated, it can lead to an exploitable vulnerability.
...
This non-compliant code example can result in a signed integer overflow during the multiplication of the signed operands si1 and si2. If this behavior is unanticipated, the resulting value may be used to allocate insufficient memory for a subsequent operation or in some other manner that can lead to an exploitable vulnerability.
...
This code can result in a signed integer overflow during the division of the signed operands sl1 and sl2 or in a divide-by-zero error. The IA-32 architecture, for example, requires that both conditions result in a fault, which can easily result in a denial-of-service attack.
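Precondition tests for the addition, multiplication and division cases described above, written as an added example (this is not the page's own compliant code). The helper names safe_add, safe_mul and safe_div are hypothetical; the operand names follow the page.

```c
#include <limits.h>
#include <stdbool.h>

/* Hypothetical helpers (not from the original page). Each one tests the
   operands BEFORE operating, so no overflowing expression is ever evaluated.
   On failure they return false and leave *out untouched. */

bool safe_add(int si1, int si2, int *out) {
    if ((si2 > 0 && si1 > INT_MAX - si2) ||   /* would exceed INT_MAX */
        (si2 < 0 && si1 < INT_MIN - si2)) {   /* would go below INT_MIN */
        return false;
    }
    *out = si1 + si2;
    return true;
}

bool safe_mul(int si1, int si2, int *out) {
    /* Four sign combinations; every division below has a nonzero divisor
       and never computes INT_MIN / -1. */
    if (si1 > 0) {
        if (si2 > 0) {
            if (si1 > INT_MAX / si2) return false;
        } else {
            if (si2 < INT_MIN / si1) return false;
        }
    } else {
        if (si2 > 0) {
            if (si1 < INT_MIN / si2) return false;
        } else {
            if (si1 != 0 && si2 < INT_MAX / si1) return false;
        }
    }
    *out = si1 * si2;
    return true;
}

bool safe_div(long sl1, long sl2, long *out) {
    /* Both conditions the page names: divide-by-zero and LONG_MIN / -1. */
    if (sl2 == 0 || (sl1 == LONG_MIN && sl2 == -1)) return false;
    *out = sl1 / sl2;
    return true;
}
```

A result used as an allocation size should only be consumed when the helper returned true.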
...
Fortify SCA Version 5.0 with CERT C Rule Pack is able to detect violations of this rule.
The tool Compass / ROSE can detect some violations of this rule easily. The difficulty lies in not incorrectly flagging the compliant code examples. For instance, to validate addition between two signed ints, one might have to recognize code as complex as that specified in the compliant code example for addition, which is a very difficult task. A few tasks are doable, however:
...