Division and modulo operations are susceptible to divide-by-zero errors.
Division
The result of the / operator is the quotient from the division of the first arithmetic operand by the second arithmetic operand. Division operations are susceptible to divide-by-zero errors. Overflow can also occur during twos-complement signed integer division when the dividend is equal to the minimum (negative) value for the signed integer type and the divisor is equal to -1 (see INT32-C. Ensure that integer operations do not result in an overflow).
Unable to render {include} The included page could not be found.
Unable to render {include} The included page could not be found.
Modulo
The modulo operator provides the remainder when two operands of integer type are divided.
Unable to render {include} The included page could not be found.
Unable to render {include} The included page could not be found.
Risk Assessment
A divide by zero can result in abnormal program termination and Denial of Service.
Rule |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
|---|---|---|---|---|---|
INT33-C |
1 (low) |
2 (probable) |
2 (medium) |
P4 |
L3 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
References
[[ISO/IEC 9899-1999]] Section 6.5.5, "Multiplicative operators"
[[Seacord 05]] Chapter 5, "Integers"
[[Warren 02]] Chapter 2, "Basics"
INT32-C. Ensure that integer operations do not result in an overflow 04. Integers (INT) INT35-C. Evaluate integer expressions in a larger size before comparing or assigning to that size