Function Call With Incorrect Number of Arguments| ID: 685 | Date: (C)2012-05-14 (M)2022-10-10 |
| Type: weakness | Status: DRAFT |
| Abstraction Type: Variant |
Description
The software calls a function, procedure, or routine, but the
caller specifies too many arguments, or too few arguments, which may lead to
undefined behavior and resultant weaknesses.
Applicable PlatformsLanguage: CLanguage: Perl
Time Of Introduction
Common Consequences
| Scope | Technical Impact | Notes |
|---|
| Other | Quality degradation | |
Detection Methods
| Name | Description | Effectiveness | Notes |
|---|
| Other | While this weakness might be caught by the compiler in some languages,
it can occur more frequently in cases in which the called function
accepts variable numbers of arguments, such as format strings in C. It
also can occur in languages or environments that do not require that
functions always be called with the correct number of arguments, such as
Perl. | | |
Potential Mitigations
| Phase | Strategy | Description | Effectiveness | Notes |
|---|
| Testing | | Because this function call often produces incorrect behavior it will
usually be detected during testing or normal operation of the software.
During testing exercise all possible control paths will typically expose
this weakness except in rare cases when the incorrect function call
accidentally produces the correct results or if the provided argument
type is very similar to the expected argument type. | | |
Relationships
| Related CWE | Type | View | Chain |
|---|
| CWE-685 ChildOf CWE-885 | Category | CWE-888 | |
Demonstrative ExamplesNone
White Box Definitions None
Black Box Definitions None
Taxynomy MappingsNone
References:None
