...
C identifies two conditions under which division and modulo operations result in undefined behavior:
| UB | Description |
The value of the second operand of the | |
| n/a | If the quotient a/b is not representable, the behavior of both a/b and a%b is undefined (6.5.5). |
...
Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
Compass/ROSE | Can detect some violations of this rule. In particular, it ensures that all operations involving division or modulo are preceded by a check ensuring that the second operand is nonzero. | ||||||||
| Coverity | 6.5 | DIVIDE_BY_ZERO | Fully Implemented | ||||||
| Fortify SCA | 5.0 | Can detect violations of this rule with CERT C Rule Pack. | |||||||
| 43 D | Partially implemented. | |||||||
| PRQA QA-C |
| 2830 (C) | Fully implemented. |
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
| CERT C++ Secure Coding Standard | INT33-CPP. Ensure that division and modulo operations do not result in divide-by-zero errors |
| CERT Oracle Secure Coding Standard for Java | NUM02-J. Ensure that division and modulo operations do not result in divide-by-zero errors |
| ISO/IEC TS 17961 (Draft) | Dividing by zero [divzero] Integer division errors [diverr] |
| MITRE CWE | CWE-369, Divide by zero |
Bibliography
| [Seacord 2005] | Chapter 5, "Integers" |
| [Warren 2002] | Chapter 2, "Basics" |
...