You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 28 Next »

Division and modulo operations are susceptible to divide-by-zero errors.

Division

The result of the / operator is the quotient from the division of the first arithmetic operand by the second arithmetic operand. Division operations are susceptible to divide-by-zero errors. Overflow can also occur during twos-complement signed integer division when the dividend is equal to the minimum (negative) value for the signed integer type and the divisor is equal to -1 (see INT32-C. Ensure that integer operations do not result in an overflow).

Unable to render {include} The included page could not be found.
Unable to render {include} The included page could not be found.

Modulo

The modulo operator provides the remainder when two operands of integer type are divided.

Unable to render {include} The included page could not be found.
Unable to render {include} The included page could not be found.

Risk Assessment

A divide by zero can result in abnormal program termination and Denial of Service.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

INT33-C

1 (low)

2 (probable)

2 (medium)

P4

L3

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

[[ISO/IEC 9899-1999]] Section 6.5.5, "Multiplicative operators"
[[Seacord 05]] Chapter 5, "Integers"
[[Warren 02]] Chapter 2, "Basics"

  • No labels