CWE-628: Function Call with Incorrectly Specified Arguments

Description

The product calls a function, procedure, or routine with arguments that are not correctly specified, leading to always-incorrect behavior and resultant weaknesses.

Submission Date :

May 7, 2007, midnight

Modification Date :

2023-06-29 00:00:00+00:00

Organization :

MITRE
Extended Description

There are multiple ways in which this weakness can be introduced, including:

  • the wrong variable or reference;
  • an incorrect number of arguments;
  • incorrect order of arguments;
  • wrong type of arguments; or
  • wrong value.

Example Vulnerable Codes

Example - 1

The following PHP method authenticates a user given a username/password combination but is called with the parameters in reverse order.


// // authenticate user// 
...
function authenticate($username, $password) {}authenticate($_POST['password'], $_POST['username']);

Example - 2

This Perl code intends to record whether a user authenticated successfully or not, and to exit if the user fails to authenticate. However, when it calls ReportAuth(), the third argument is specified as 0 instead of 1, so it does not exit.


die "Failed!\n";my ($username, $result, $fatal) = @_;PrintLog("auth: username=%s, result=%d", $username, $result);if (($result ne "success") && $fatal) {}

my $result = CheckAuth($username);ReportAuth($username, $result, 0);DoReallyImportantStuff();sub ReportAuth {}sub PrivilegedFunc{}

Example - 3

In the following Java snippet, the accessGranted() method is accidentally called with the static ADMIN_ROLES array rather than the user roles.



String[] userRoles = getUserRoles(user);return accessGranted(resource, ADMIN_ROLES);

// // grant or deny access based on user roles// 
...private static final String[] ADMIN_ROLES = ...;public boolean void accessGranted(String resource, String user) {}private boolean void accessGranted(String resource, String[] userRoles) {}

Visit http://cwe.mitre.org/ for more details.

© cvefeed.io
Latest DB Update: Dec. 22, 2024 12:58