software composition analysis
Product
SAST
Catch vulnerabilities as you develop DAST
Test live web applications like an attacker SCA
Secure open-source and supply chain MAST
Secure mobile apps from code to store Compliance
Align with standards while shipping secure code
Resources
Vulnerability database Healthy Package
Blog News
Documentation
Pricing Partners About Us Log In
software composition analysis

1C : Incorrect function call

Classification

OWASP Top 10 2017 A9-Using Components with Known Vulnerabilities OWASP Top 10 2021 A6-Vulnerable and Outdated Components CWE CWE-683 CWE-685 CWE-686 CWE-687 CWE-688

Overview

Incorrect use of the function.

Probably, there are incorrect number of argument, incorrect order of arguments, incorrect argument type or incorrect type of return value, which may lead to undefined behavior of application.

Probably, there are incorrect number of argument, incorrect order of arguments, incorrect argument type or incorrect type of return value. Probably some functions are called from wrong position or are not called at all while they should be called. This may cause unpredictable behavior or rare bugs.

References

  1. CWE-686: Function Call With Incorrect Argument Type
  2. CWE-683: Function Call With Incorrect Order of Arguments
  3. CWE-688: Function Call With Incorrect Variable or Reference as Argument
  4. CWE-685: Function Call With Incorrect Number of Arguments
  5. CWE-687: Function Call With Incorrectly Specified Argument Value
  6. Mobile Top 10 2016-M7-Poor Code Quality
  7. OWASP A9:2017-Using Components with Known Vulnerabilities

See also

1C : Empty code block
1C : Obsolete or unsafe function
1C : Unsafe handling parameter "Cancel".