CVE-2017-0857 - Divide By Zero

Severity

78%

Complexity

99%

Confidentiality

115%

Another vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-65122447.

Another vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-65122447.

CVSS 3.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

CVSS 2.0 Base Score 7.8. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:C).

Demo Examples

Divide By Zero

CWE-369

The following Java example contains a function to compute an average but does not validate that the input value used as the denominator is not zero. This will create an exception for attempting to divide by zero. If this error is not handled by Java exception handling, unexpected results can occur.


               
}
return totalTime / numRequests;

By validating the input value used as the denominator the following code will ensure that a divide by zero error will not cause unexpected results. The following Java code example will validate the input value, output an error message, and throw an exception.


               
}
return totalTime / numRequests;
throw ArithmeticException;

Divide By Zero

CWE-369

Divide By Zero

CWE-369

Demo Examples

Incorrect Conversion between Numeric Types

CWE-681

In the following Java example, a float literal is cast to an integer, thus causing a loss of precision.


               
int i = (int) 33457.8f;

Incorrect Conversion between Numeric Types

CWE-681

This code adds a float and an integer together, casting the result to an integer.


               
$result = (int)$floatVal + $intVal;

Normally, PHP will preserve the precision of this operation, making $result = 4.8345. After the cast to int, it is reasonable to expect PHP to follow rounding convention and set $result = 5. However, the explicit cast to int always rounds DOWN, so the final value of $result is 4. This behavior may have unintended consequences.

Incorrect Conversion between Numeric Types

CWE-681

In this example the variable amount can hold a negative value when it is returned. Because the function is declared to return an unsigned int, amount will be implicitly converted to unsigned.


               
}
return amount;

If the error condition in the code above is met, then the return value of readdata() will be 4,294,967,295 on a system that uses 32-bit integers.

Incorrect Conversion between Numeric Types

CWE-681

In this example, depending on the return value of accecssmainframe(), the variable amount can hold a negative value when it is returned. Because the function is declared to return an unsigned value, amount will be implicitly cast to an unsigned number.


               
}
return amount;

If the return value of accessmainframe() is -1, then the return value of readdata() will be 4,294,967,295 on a system that uses 32-bit integers.

Overview

Type

Google Android

First reported 7 years ago

2017-11-16 23:29:00

Last updated 5 years ago

2019-10-03 00:03:00

Affected Software

Google Android 6.0

6.0

Google Android 6.0.1

6.0.1

Google Android (Nougat) 7.0

7.0

Google Android 7.1.1

7.1.1

Google Android 7.1.2

7.1.2

Google Android 8.0

8.0

References

https://source.android.com/security/bulletin/pixel/2017-11-01

Patch, Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.