The C Standard identifies the following condition under which division and remainder operations result in undefined behavior (UB):
...
A divide-by-zero error can result in abnormal program termination and denial of service.
Rule | Severity | Likelihood | Detectable | Remediation CostRepairable | Priority | Level |
|---|---|---|---|---|---|---|
INT33-C | Low | Likely | No | MediumYes | P6 | L2 |
Automated Detection
Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Astrée |
| int-division-by-zero int-modulo-by-zero | Fully checked | ||||||
| Axivion Bauhaus Suite |
| CertC-INT33 | |||||||
| CodeSonar |
| LANG.ARITH.DIVZERO LANG.ARITH.FDIVZERO | Division by zero Float Division By Zero | ||||||
| Compass/ROSE | Can detect some violations of this rule (In particular, it ensures that all operations involving division or modulo are preceded by a check ensuring that the second operand is nonzero.) | ||||||||
| Coverity |
| DIVIDE_BY_ZERO | Fully implemented | ||||||
| Cppcheck |
| zerodiv zerodivcond | |||||||
| Cppcheck Premium |
| zerodiv premium-cert-int33-cContext sensitive analysis of division by zero | |||||||
| Helix QAC |
| C2830 C++2830 DF2831, DF2832, DF2833 | |||||||
| Klocwork |
| DBZ.CONST | |||||||
| LDRA tool suite |
| 43 D, 127 D, 248 S, 629 S, 80 X | Partially implemented | ||||||
| Parasoft C/C++test |
| CERT_C-INT33-a | Avoid division by zero | ||||||
| Parasoft Insure++ | Runtime analysis | ||||||||
| Polyspace Bug Finder |
| Checks for:
Rule fully covered. | |||||||
| Security Reviewer - Static Reviewer |
| CPP_02 | Fully implemented | ||||||
| SonarQube C/C++ Plugin |
| S3518 | |||||||
| PVS-Studio |
| V609 | |||||||
| TrustInSoft Analyzer |
| division_by_zero | Exhaustively verified (see one compliant and one non-compliant example). |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...