CWE-628: Function Call with Incorrectly Specified Arguments

Description

The product calls a function, procedure, or routine with arguments that are not correctly specified, leading to always-incorrect behavior and resultant weaknesses.

Submission Date: 2007-05-07

Modification Date: 2023-06-29

Organization: MITRE

Extended Description

There are multiple ways in which this weakness can be introduced, including:

  • the wrong variable or reference;
  • an incorrect number of arguments;
  • incorrect order of arguments;
  • wrong type of arguments; or
  • wrong value.

Example Vulnerable Code

Example - 1

The following PHP function authenticates a user given a username/password combination, but it is called with the arguments in reverse order, so on every call the submitted password is treated as the username and the submitted username as the password.


// authenticate user
...
function authenticate($username, $password) {
    // ... look up $username and verify $password against the stored credential ...
}
...
// Bug: the arguments are passed in reverse order
authenticate($_POST['password'], $_POST['username']);
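The swapped call above, reproduced in Python rather than the page's PHP so it can be run, beside a hardened signature. This is an added example, not code from the CWE entry; the credential store, the user "alice" and the login_* wrapper functions are constructed for the demonstration. The point it makes: with positional parameters the reversed call is silently accepted and simply never authenticates the real user, whereas a keyword-only signature forces the call site to name each argument, so a positional call fails loudly at the call site instead of misbehaving on every request.

```python
import hashlib
import hmac

# Constructed sample credential store (not from the CWE page):
# username -> hex SHA-256 digest of the password.
_USERS = {
    "alice": hashlib.sha256(b"correct horse").hexdigest(),
}


def authenticate(username, password):
    """Positional version, mirroring the page's PHP signature."""
    stored = _USERS.get(username)
    if stored is None:
        return False
    supplied = hashlib.sha256(password.encode()).hexdigest()
    return hmac.compare_digest(stored, supplied)


def login_buggy(form):
    """Call site with the arguments reversed, as in the PHP example.
    The password is looked up as a username, so the lookup misses."""
    return authenticate(form["password"], form["username"])


def login_fixed(form):
    """Same call with the arguments in the declared order."""
    return authenticate(form["username"], form["password"])


def authenticate_kw(*, username, password):
    """Hardened variant: keyword-only parameters (the bare '*') make the
    caller name each argument, so the two strings cannot be swapped silently."""
    return authenticate(username, password)


def login_kw(form):
    """Call site for the keyword-only version; order no longer matters."""
    return authenticate_kw(username=form["username"], password=form["password"])


def positional_call_rejected():
    """True if a positional call to the keyword-only version raises TypeError."""
    try:
        authenticate_kw("alice", "correct horse")
    except TypeError:
        return True
    return False


if __name__ == "__main__":
    form = {"username": "alice", "password": "correct horse"}
    print("buggy call authenticates alice:", login_buggy(form))
    print("fixed call authenticates alice:", login_fixed(form))
    print("keyword-only call authenticates alice:", login_kw(form))
    print("positional call to keyword-only version rejected:", positional_call_rejected())
```

Keyword-only parameters are the cheapest fix for a signature whose parameters share a type; where the language lacks them, wrapping each argument in a distinct type (a Username class and a Password class, for instance) gives the compiler or type checker the same ability to reject the swap.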

Example - 2

This Perl code intends to record whether a user authenticated successfully or not, and to exit if the user fails to authenticate. However, when PrivilegedFunc() calls ReportAuth(), the third argument ($fatal) is specified as 0 instead of 1, so a failed check is only logged and execution continues into DoReallyImportantStuff().


sub ReportAuth {
    my ($username, $result, $fatal) = @_;
    PrintLog("auth: username=%s, result=%s", $username, $result);
    # Only abort when the caller asked for a fatal check
    if (($result ne "success") && $fatal) {
        die "Failed!\n";
    }
}

sub PrivilegedFunc {
    my $result = CheckAuth($username);
    # Bug: the third argument should be 1 so that a failed check aborts here
    ReportAuth($username, $result, 0);
    DoReallyImportantStuff();
}

Example - 3

In the following Java snippet, the private accessGranted() overload is accidentally called with the static ADMIN_ROLES array rather than the userRoles array that was just computed, so every caller is evaluated as if they held the administrator roles.



// grant or deny access based on user roles
...
private static final String[] ADMIN_ROLES = ...;

public boolean accessGranted(String resource, String user) {
    String[] userRoles = getUserRoles(user);
    // Bug: the static ADMIN_ROLES array is passed instead of userRoles
    return accessGranted(resource, ADMIN_ROLES);
}

private boolean accessGranted(String resource, String[] userRoles) {
    ...
}
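The wrong-reference case from the Java snippet, reproduced in Python (the same language used for the added example after Example 1) so it can be run. This is an added example, not code from the CWE entry; the policy table, the users "root", "bob" and "guest", and the denial_check() helper are constructed for the demonstration. It shows why this bug is "always-incorrect": the buggy version grants every user administrator access, and a negative-path check (pairs that must be denied) catches it even though every positive test would still pass.

```python
# Constructed sample policy data (not from the CWE page).
ADMIN_ROLES = ("admin",)
_RESOURCE_ROLES = {
    "/admin/users": {"admin"},
    "/reports": {"admin", "analyst"},
}
_USER_ROLES = {
    "root": ["admin"],
    "bob": ["analyst"],
    "guest": [],
}


def get_user_roles(user):
    """Roles held by user; unknown users hold none."""
    return list(_USER_ROLES.get(user, []))


def _access_granted(resource, user_roles):
    """Grant if any role in user_roles is allowed on resource."""
    required = _RESOURCE_ROLES.get(resource)
    if required is None:
        return False
    return any(role in required for role in user_roles)


def access_granted_buggy(resource, user):
    """Mirrors the Java snippet: the user's roles are fetched, then the
    static ADMIN_ROLES constant is passed to the check instead of them."""
    user_roles = get_user_roles(user)  # assigned but never used
    return _access_granted(resource, ADMIN_ROLES)


def access_granted_fixed(resource, user):
    """Corrected call: the freshly computed user roles are what gets checked."""
    return _access_granted(resource, get_user_roles(user))


def denial_check(access_fn):
    """Negative-path regression check: every (resource, user) pair listed
    here must be denied. Returns the pairs that access_fn wrongly granted."""
    must_deny = [
        ("/admin/users", "guest"),
        ("/admin/users", "bob"),
        ("/reports", "guest"),
        ("/does/not/exist", "root"),
    ]
    return [pair for pair in must_deny if access_fn(*pair)]


if __name__ == "__main__":
    print("buggy version wrongly grants:", denial_check(access_granted_buggy))
    print("fixed version wrongly grants:", denial_check(access_granted_fixed))
```

Two practitioner checks follow from this. First, authorization tests need denial cases, because a check that always grants passes every "admin can do X" test. Second, the unused local is a static signal: pyflakes reports `user_roles` as assigned to but never used, which is exactly the symptom of fetching the right value and then passing the wrong one.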

Visit http://cwe.mitre.org/ for more details.