SEC-DIV-0-tainted
Synopsis
User input is used as a divisor without validation.
Enabled by default
Yes
Severity/Certainty
High/Medium

Full description
A value controlled by the user (tainted data) is used as a divisor without first checking that it lies within a safe range. An attacker can therefore supply zero and trigger a division-by-zero fault that terminates the program, for example as part of a denial-of-service attack.
Coding standards
- CWE-369: Divide By Zero
Code examples
The following code example fails the check and will give a warning:
int main(int argc, char **argv) {
    /* argc is set by whoever started the process (tainted); it may be 0
       when the program is executed with an empty argument vector. */
    return 10 / argc;
}
The following code example passes the check and will not give a warning about this issue:
int main(int argc, char **argv) {
    /* The divisor is only used after it has been confirmed to lie in 1..9. */
    if (argc > 0 && argc < 10)
        return 10 / argc;
    else
        return 1;
}
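The passing example above validates a divisor that arrives as a small integer. In practice the tainted value usually arrives as text (a command-line argument, a request field) and must be parsed before it can be range-checked, and a range check alone does not cover the other undefined division in C, INT_MIN / -1. The following program is an added example written for this page; it is not part of the checker documentation or its code samples. The function names (checked_div, parse_divisor, divide_by_user_input), the status codes and the 1..9 range are the example's own assumptions, chosen to mirror the 0 < argc < 10 check above.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* Added example, not from the original page. Names below are illustrative. */

/* Outcome of a validated division. */
enum div_status { DIV_OK = 0, DIV_BY_ZERO = 1, DIV_OVERFLOW = 2, DIV_BAD_INPUT = 3 };

/* Divide only when the operation is defined in C: a zero divisor and
 * INT_MIN / -1 (whose result does not fit in an int) are both rejected
 * before the division is attempted. */
enum div_status checked_div(int dividend, int divisor, int *out) {
    if (divisor == 0)
        return DIV_BY_ZERO;
    if (dividend == INT_MIN && divisor == -1)
        return DIV_OVERFLOW;
    *out = dividend / divisor;
    return DIV_OK;
}

/* Parse a divisor from an untrusted string (for example argv[1]) and accept it
 * only if it is a complete decimal integer inside the caller's range [lo, hi].
 * Everything else, including empty input, trailing characters and values that
 * overflow long, is rejected so the divisor can never be attacker-chosen. */
enum div_status parse_divisor(const char *text, long lo, long hi, int *out) {
    char *end = NULL;
    errno = 0;
    long v = strtol(text, &end, 10);
    if (end == text || *end != '\0' || errno == ERANGE)
        return DIV_BAD_INPUT;   /* not a number, trailing junk, or out of range for long */
    if (v < lo || v > hi)
        return DIV_BAD_INPUT;   /* outside the allowed range */
    *out = (int)v;              /* safe: lo..hi is within int in this example */
    return DIV_OK;
}

/* Full flow: untrusted text -> validated divisor -> checked division.
 * The range 1..9 mirrors the "argc > 0 && argc < 10" check on the page. */
enum div_status divide_by_user_input(int dividend, const char *text, int *out) {
    int divisor = 0;
    enum div_status st = parse_divisor(text, 1, 9, &divisor);
    if (st != DIV_OK)
        return st;
    return checked_div(dividend, divisor, out);
}

int main(int argc, char **argv) {
    int result = 0;
    /* "0" stands in for a missing argument so the rejection path is exercised. */
    const char *input = (argc > 1) ? argv[1] : "0";
    enum div_status st = divide_by_user_input(10, input, &result);
    if (st != DIV_OK) {
        fprintf(stderr, "rejected divisor \"%s\" (status %d)\n", input, (int)st);
        return 1;
    }
    printf("10 / %s = %d\n", input, result);
    return 0;
}
```

Run it as `./a.out 5` to see `10 / 5 = 2`; `./a.out 0`, `./a.out 12`, `./a.out 3x` and `./a.out ""` are all rejected before any division takes place. Keeping the parse, the range check and the division in separate functions makes the taint boundary explicit: only parse_divisor ever sees raw user text, and checked_div can be reused wherever a divisor comes from a source the analyzer cannot prove is safe.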