If the denominator to a division or modulo operation is zero, a `ZeroDivisionError` is raised. include::../introduction.adoc[] == Why is this an issue? A division (`/`) or modulo operation (`%`) by zero indicates a bug or logical error. This is because in Python, a division or modulo operation where the denominator is zero always results in a `ZeroDivisionError` being raised. include::../impact.adoc[] == How to fix it The goal is to ensure that a zero value never reaches the denominator. === Code examples ==== Noncompliant code example [source,python,diff-id=1,diff-type=noncompliant] ---- def foo(): z = 0 if (unknown()): z = 4 ... else: # (z is not reassigned to a non-zero value here) ... z = 1 / z # Noncompliant: divisor can be 0 ---- ==== Compliant solution [source,python,diff-id=1,diff-type=compliant] ---- def foo(): z = 0 if (unknown()): z = 4 ... else: z = 1 ... z = 1 / z ---- ==== Noncompliant code example [source,python,diff-id=2,diff-type=noncompliant] ---- def report_average(): sum = compute_sum() denominator = population() print(sum / denominator) # Noncompliant: divisor can be 0 def population(): size = read_size() return size if size is not None else 0 ---- ==== Compliant solution [source,python,diff-id=2,diff-type=compliant] ---- def report_average(): sum = compute_sum() denominator = population() if denominator == 0: print("We have no data.") else: print(sum / denominator) def population(): size = read_size() return size if size is not None else 0 ---- === How does this work? One approach is to inspect every possible execution path that affects the denominator and adjust them such that none of them lead to a zero value. The first example illustrates this by ensuring that for all the paths that can define the variable ++z++, none assign it zero. Thus, we are sure that the issue is fixed. In other cases it might be necessary and safer to check and explicitly handle the case of a zero denominator. For instance, in the second example, an error message is displayed to the user if the denominator is zero. //=== Pitfalls //=== Going the extra mile == Resources === Documentation * https://docs.python.org/3/reference/expressions.html#binary-arithmetic-operations[Binary arithmetic operations] * https://docs.python.org/3/library/exceptions.html#ZeroDivisionError[ZeroDivisionError] === Standards * CWE - https://cwe.mitre.org/data/definitions/369[CWE-369 - Divide by zero] * STIG Viewer - https://stigviewer.com/stig/application_security_and_development/2023-06-08/finding/V-222612[Application Security and Development: V-222612] - The application must not be vulnerable to overflow attacks.