The C Standard identifies the following condition under which division and remainder operations result in undefined behavior (UB):
| UB | Description |
The value of the second operand of the |
Ensure that division and remainder operations do not result in divide-by-zero errors.
...
A divide-by-zero error can result in abnormal program termination and denial of service.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
INT33-C | Low | Likely | Medium | P6 | L2 |
Automated Detection
Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Astrée |
| int-division-by-zero int-modulo-by-zero | Fully checked | ||||||
| Axivion Bauhaus Suite |
| CertC-INT33 | |||||||
| CodeSonar |
| LANG.ARITH.DIVZERO LANG.ARITH.FDIVZERO | Division by zero Float Division By Zero | ||||||
| Compass/ROSE |
Can detect some violations of this rule (In particular, it ensures that all operations involving division or modulo are preceded by a check ensuring that the second operand is nonzero.) | |||||||||
| Coverity |
| DIVIDE_BY_ZERO | Fully implemented | ||||||
| Cppcheck |
| zerodiv zerodivcond | Context sensitive analysis of division by zero | ||||||
| Cppcheck Premium |
| zerodiv premium-cert-int33-c | Context sensitive analysis of division by zero Not detected for division by struct member / array element / pointer data that is 0 Detected when there is unsafe division by variable before/after test if variable is zero | ||||||
| Helix QAC |
| C2830 C++2830 DF2831, DF2832, DF2833 | |||||||
| Klocwork |
| DBZ.CONST |
DBZ.ITERATOR.CALL | |||||||||
| LDRA tool suite |
| 43 D, 127 D, 248 S, 629 S, 80 X | Partially implemented | ||||||
| Parasoft C/C++test |
| CERT_C-INT33-a | Avoid division by zero |
| Parasoft Insure++ |
| Runtime analysis | |||||||
| Polyspace Bug Finder |
|
| Checks for:
|
|
2830 (C)
2831 (D)
2832 (A)
2833 (S)
2834 (P)
|
Dividing integer number by zero
Division / operands from an unsecure source
Remainder % operands are from an unsecure source
Rule fully covered. |
| SonarQube C/C++ Plugin |
| S3518 |
| PVS-Studio |
| V609 | |||||||
| TrustInSoft Analyzer |
| division_by_zero | Exhaustively verified (see one compliant and one non-compliant example). |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
Key here (explains table format and definitions)
Taxonomy | Taxonomy item | Relationship |
|---|---|---|
| CERT C |
| INT32-C. Ensure that operations on signed integers do not result in overflow |
| Prior to 2018-01-12: CERT: Unspecified Relationship | ||
| CERT Oracle Secure Coding Standard for Java | NUM02-J. Ensure that division and remainder operations do not result in divide-by-zero errors | Prior to 2018-01-12: CERT: Unspecified Relationship |
| ISO/IEC TS 17961 | Integer division errors [diverr] |
| Prior to 2018-01-12: CERT: Unspecified Relationship | ||
| CWE 2.11 | CWE-369, Divide By Zero | 2017-07-07: CERT: Exact |
CERT-CWE Mapping Notes
Key here for mapping notes
CWE-682 and INT33-C
CWE-682 = Union( INT33-C, list) where list =
- Incorrect calculations that do not involve division by zero
Bibliography
| [Seacord 2013b] | Chapter 5, "Integer Security" |
| [Warren 2002] | Chapter 2, "Basics" |
...
...