Division and modulo operations are susceptible to divide-by-zero errors.
The result of the / operator is the quotient from the division of the first arithmetic operand by the second arithmetic operand. Division operations are susceptible to divide-by-zero errors. Overflow can also occur during two's-complement signed integer division when the dividend is equal to the minimum (negative) value for the signed integer type and the divisor is equal to -1 (see INT32-C. Ensure that operations on signed integers do not result in overflow).
The modulo operator provides the remainder when two operands of integer type are divided.
A divide by zero can result in abnormal program termination and denial of service.
Rule |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
|---|---|---|---|---|---|
INT33-C |
1 (low) |
2 (probable) |
2 (medium) |
P4 |
L3 |
Fortify SCA Version 5.0 with CERT C Rule Pack can detect violations of this rule.
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
\[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] Section 6.5.5, "Multiplicative operators" \[[Seacord 05|AA. C References#Seacord 05]\] Chapter 5, "Integers" \[[Warren 02|AA. C References#Warren 02]\] Chapter 2, "Basics" |
04. Integers (INT) INT34-C. Arguments to character handling functions must be representable as an unsigned char