Comment: Migrated to Confluence 4.0

Division and modulo operations are susceptible to divide-by-zero errors. According to section 6.5.5, paragraph 5 of [ISO/IEC 9899:1999]:

The result of the / operator is the quotient from the division of the first operand by the second; the result of the % operator is the remainder. In both operations, if the value of the second operand is zero, the behavior is undefined.
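The following is an added example, not code from the original page: it checks the second operand before `/` or `%` is evaluated, and goes one step beyond the zero case by also rejecting `LONG_MIN` with a divisor of `-1`, whose quotient is not representable. The status names and the functions `checked_div` and `checked_mod` are assumptions made for this illustration.

```c
#include <limits.h>
#include <stdio.h>

/* Status codes are names chosen for this example. */
enum div_status { DIV_OK = 0, DIV_BY_ZERO, DIV_OVERFLOW };

/* Validate the operands of a / b and a % b before either is evaluated. */
static enum div_status check_operands(long a, long b) {
    if (b == 0) {
        return DIV_BY_ZERO;   /* second operand is zero: behavior undefined */
    }
    if (a == LONG_MIN && b == -1) {
        return DIV_OVERFLOW;  /* quotient is not representable in long */
    }
    return DIV_OK;
}

/* Store a / b in *quot only when the operands are safe to divide. */
enum div_status checked_div(long a, long b, long *quot) {
    enum div_status st = check_operands(a, b);
    if (st == DIV_OK) {
        *quot = a / b;
    }
    return st;
}

/* Store a % b in *rem only when the operands are safe to divide. */
enum div_status checked_mod(long a, long b, long *rem) {
    enum div_status st = check_operands(a, b);
    if (st == DIV_OK) {
        *rem = a % b;
    }
    return st;
}

int main(void) {
    /* Constructed sample operands, including both rejected cases. */
    const long cases[][2] = { {7, 2}, {-7, 2}, {7, 0}, {LONG_MIN, -1} };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        long q = 0, r = 0;
        enum div_status dq = checked_div(cases[i][0], cases[i][1], &q);
        enum div_status dr = checked_mod(cases[i][0], cases[i][1], &r);
        printf("%ld, %ld -> div status %d (q=%ld), mod status %d (r=%ld)\n",
               cases[i][0], cases[i][1], (int)dq, q, (int)dr, r);
    }
    return 0;
}
```

On a rejected input the output parameter is left untouched, so callers must test the returned status before using the result.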

...

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|------|----------|------------|------------------|----------|-------|
| INT33-C | low | likely | medium | P6 | L2 |

Automated Detection

| Tool | Version | Checker | Description |
|------|---------|---------|-------------|
| LDRA tool suite | | 43 D, 248 S | Partially Implemented |
| Fortify SCA | V. 5.0 | | can detect violations of this rule with CERT C Rule Pack |
| Compass/ROSE | | | can detect some violations of this rule. In particular, it ensures that all operations involving division or modulo are preceded by a check ensuring that the second operand is non-zero. |

...

MITRE CWE: CWE-369, "Divide By Zero"

Bibliography

...

[Seacord 2005] Chapter 5, "Integers"
[Warren 2002] Chapter 2, "Basics"

...
