If the denominator to an integer division or remainder operation is zero, an
`ArithmeticException` is thrown.

include::../introduction.adoc[]

== Why is this an issue?

A division (`/`) or remainder operation (`%`) by zero indicates a bug or logical
error.
This is because in Java, a division or remainder operation where the denominator
is zero and not a floating point value always results in an
`ArithmeticException` being thrown.

When working with ``++double++`` or ``++float++`` values, no exception will be
thrown, but the operation will result in special floating point values
representing either positive infinity, negative infinity, or `NaN`.
Unless these special values are explicitly handled by a program, zero
denominators should be avoided in floating point operations, too.
Otherwise, the application might produce unexpected results.

include::../impact.adoc[]

=== Noncompliant code example

[source,java,diff-id=1,diff-type=noncompliant]
----
void test_divide() {
  int z = 0;
  if (unknown()) {
    // ..
    z = 3;
  } else {
    // ..
  }
  z = 1 / z; // Noncompliant, possible division by zero
}
----

=== Compliant solution

[source,java,diff-id=1,diff-type=compliant]
----
void test_divide() {
  int z = 0;
  if (unknown()) {
    // ..
    z = 3;
  } else {
    // ..
    z = 1;
  }
  z = 1 / z;
}
----
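
The behaviours described under "Why is this an issue?", as an added example that is not part of the original rule text: integer and `BigDecimal` division are guarded before the operation, and a floating point ratio returns an empty result instead of infinity or `NaN`. The class `ZeroDenominatorDemo` and its method names are hypothetical.

```java
import java.math.BigDecimal;
import java.math.RoundingMode;
import java.util.OptionalDouble;

// Added example, not the rule's own code. All names here are hypothetical.
public class ZeroDenominatorDemo {

    // Integer division: a zero denominator throws ArithmeticException,
    // so reject it explicitly before dividing.
    static int perBucket(int items, int buckets) {
        if (buckets == 0) {
            throw new IllegalArgumentException("buckets must not be zero");
        }
        return items / buckets;
    }

    // Floating point: nothing is thrown, so an unchecked zero denominator
    // silently propagates infinity or NaN. Return an empty result instead.
    static OptionalDouble ratio(double part, double total) {
        if (total == 0.0) { // this comparison is also true for -0.0
            return OptionalDouble.empty();
        }
        return OptionalDouble.of(part / total);
    }

    // BigDecimal.divide throws ArithmeticException on a zero divisor as well.
    static BigDecimal unitPrice(BigDecimal amount, BigDecimal quantity) {
        if (quantity.signum() == 0) {
            throw new IllegalArgumentException("quantity must not be zero");
        }
        return amount.divide(quantity, 2, RoundingMode.HALF_UP);
    }

    public static void main(String[] args) {
        int zero = 0;
        try {
            System.out.println(1 / zero);
        } catch (ArithmeticException e) {
            System.out.println("int division: " + e.getMessage());
        }
        // No exception below: the special floating point values are printed.
        System.out.println("double division: " + (1.0 / zero));
        System.out.println("double division: " + (-1.0 / zero));
        System.out.println("double division: " + (0.0 / zero));
        System.out.println("guarded int: " + perBucket(10, 5));
        System.out.println("guarded double present: " + ratio(3, 0).isPresent());
        System.out.println("guarded BigDecimal: " + unitPrice(new BigDecimal("10"), new BigDecimal("4")));
    }
}
```
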

== Resources

=== Documentation

* https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/lang/ArithmeticException.html[ArithmeticException]
* https://docs.oracle.com/javase/specs/jls/se17/html/jls-15.html#jls-15.17.2[The Division Operator in the JLS]
* https://docs.oracle.com/javase/specs/jls/se17/html/jls-15.html#jls-15.17.3[The Remainder Operator in the JLS]

=== Standards

* CWE - https://cwe.mitre.org/data/definitions/369[CWE-369 - Divide by zero]
* https://wiki.sei.cmu.edu/confluence/x/CTZGBQ[CERT, NUM02-J.] - Ensure that division and remainder operations do not result in divide-by-zero errors
* STIG Viewer - https://stigviewer.com/stig/application_security_and_development/2023-06-08/finding/V-222612[Application Security and Development: V-222612] - The application must not be vulnerable to overflow attacks.

ifdef::env-github,rspecator-view[]

'''
== Implementation Specification
(visible only on this page)

This rule supports primitive ``++int++``, ``++long++``, ``++double++``, and
``++float++`` values, as well as ``++BigDecimal++`` and ``++BigInteger++``.

=== Message

Make sure 'xxxxx' can't be zero before doing this [division|modulation].

include::../highlighting.adoc[]

'''
== Comments And Links
(visible only on this page)

include::../comments-and-links.adoc[]

endif::env-github,rspecator-view[]