Common Weakness Enumeration (CWE)
A Community-Developed List of Software Weakness Types

CWE List: Individual Dictionary Definition (CWE version 2.11)

CWE-227: Improper Fulfillment of API Contract ('API Abuse')

Weakness ID: 227
Abstraction: Class
Status: Draft
+ Description

Description Summary

The software uses an API in a manner contrary to its intended use.

Extended Description

An API is a contract between a caller and a callee. The most common forms of API misuse occur when the caller does not honor its end of this contract. For example, if a program does not call chdir() after calling chroot(), it violates the contract that specifies how to change the active root directory in a secure fashion. Another good example of library abuse is expecting the callee to return trustworthy DNS information to the caller. In this case, the caller misuses the callee API by making certain assumptions about its behavior (that the return value can be used for authentication purposes). One can also violate the caller-callee contract from the other side. For example, if a coder subclasses SecureRandom and returns a non-random value, the contract is violated.

+ Alternate Terms
API Abuse
+ Time of Introduction
  • Architecture and Design
  • Implementation
+ Common Consequences
Scope | Effect
Integrity; Other | Technical Impact: Quality degradation; Unexpected state

+ Observed Examples
Reference | Description
(The reference column did not survive extraction; each row below is one observed example.)
  • Linux-based device mapper encryption program does not check the return value of setuid and setgid, allowing attackers to execute code with unintended privileges.
  • File-system management programs call the setuid and setgid functions in the wrong order and do not check the return values, allowing attackers to gain unintended privileges.
  • C++ web server program calls Process::setuid before calling Process::setgid, preventing it from dropping privileges, potentially allowing CGI programs to be called with higher privileges than intended.
  • Crypto implementation removes padding when it shouldn't, allowing forged signatures.
  • Crypto implementation removes padding when it shouldn't, allowing forged signatures.
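The chroot()/chdir() contract from the Extended Description and the setgid()/setuid() ordering and return-value checks from the observed examples above, written out as a checked sequence. This is an added example, not code from the CWE entry or from any of the programs it cites. It assumes a POSIX libc; to make it runnable without root it also includes a constructed stand-in for the kernel's credential state (fake_ops, fake_kernel_reset and the fake_* functions are all hypothetical names introduced here), with real_ops being the table a production caller would pass instead.

```c
/* Added example (not from the CWE page): the chroot()/chdir() and
 * setgid()/setuid() contracts as one checked sequence, exercised against a
 * constructed stand-in for kernel state so it runs without privileges. */
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

int chroot(const char *path); /* redeclared: unistd.h omits it under strict ISO C feature sets */

/* Indirection over the privilege calls so the sequencing logic can be tested
 * with stand-ins; pass real_ops in production. */
struct priv_ops {
    int   (*chroot_fn)(const char *);
    int   (*chdir_fn)(const char *);
    int   (*setgid_fn)(gid_t);
    int   (*setuid_fn)(uid_t);
    uid_t (*getuid_fn)(void);
    gid_t (*getgid_fn)(void);
};

enum drop_status {
    DROP_OK = 0,
    DROP_CHROOT_FAILED,
    DROP_CHDIR_FAILED,
    DROP_SETGID_FAILED,
    DROP_SETUID_FAILED,
    DROP_STILL_PRIVILEGED
};

/* Honors the contract: chroot() is followed by chdir("/") so the working
 * directory cannot stay outside the jail; setgid() precedes setuid() because
 * once the uid is unprivileged, setgid() to a new group is refused; every
 * return value is checked; and the final credentials are verified. */
enum drop_status confine_and_drop(const struct priv_ops *ops, const char *jail,
                                  uid_t uid, gid_t gid)
{
    if (ops->chroot_fn(jail) != 0) return DROP_CHROOT_FAILED;
    if (ops->chdir_fn("/") != 0)   return DROP_CHDIR_FAILED;
    if (ops->setgid_fn(gid) != 0)  return DROP_SETGID_FAILED;
    if (ops->setuid_fn(uid) != 0)  return DROP_SETUID_FAILED;
    if (ops->getuid_fn() != uid || ops->getgid_fn() != gid)
        return DROP_STILL_PRIVILEGED;
    return DROP_OK;
}

/* The misuse the observed examples describe: no chdir() after chroot(), and
 * setuid() before setgid(). With the return values checked, the violation
 * surfaces as a setgid() failure instead of silently leaving the old gid. */
enum drop_status confine_and_drop_misordered(const struct priv_ops *ops,
                                             const char *jail, uid_t uid, gid_t gid)
{
    if (ops->chroot_fn(jail) != 0) return DROP_CHROOT_FAILED;
    if (ops->setuid_fn(uid) != 0)  return DROP_SETUID_FAILED;
    if (ops->setgid_fn(gid) != 0)  return DROP_SETGID_FAILED; /* uid is no longer 0 */
    return DROP_OK;
}

/* Production table: the real libc calls. */
const struct priv_ops real_ops = { chroot, chdir, setgid, setuid, getuid, getgid };

/* Constructed stand-in for kernel credential and cwd state (hypothetical). */
static struct { uid_t uid; gid_t gid; int cwd_inside_jail; } fk;

void fake_kernel_reset(void) { fk.uid = 0; fk.gid = 0; fk.cwd_inside_jail = 1; }
int fake_chroot(const char *p)
{   /* only root may chroot; afterwards the cwd is outside the new root until chdir() */
    (void)p;
    if (fk.uid != 0) { errno = EPERM; return -1; }
    fk.cwd_inside_jail = 0;
    return 0;
}
int fake_chdir(const char *p) { (void)p; fk.cwd_inside_jail = 1; return 0; }
int fake_setgid(gid_t g)
{   /* an unprivileged process may not switch to a different gid */
    if (fk.uid != 0 && g != fk.gid) { errno = EPERM; return -1; }
    fk.gid = g;
    return 0;
}
int fake_setuid(uid_t u)
{
    if (fk.uid != 0 && u != fk.uid) { errno = EPERM; return -1; }
    fk.uid = u;
    return 0;
}
uid_t fake_getuid(void) { return fk.uid; }
gid_t fake_getgid(void) { return fk.gid; }
int fake_cwd_inside_jail(void) { return fk.cwd_inside_jail; }

const struct priv_ops fake_ops = { fake_chroot, fake_chdir, fake_setgid,
                                   fake_setuid, fake_getuid, fake_getgid };

int main(void)
{
    enum drop_status st;

    fake_kernel_reset();
    st = confine_and_drop(&fake_ops, "/var/jail", 1000, 1000);
    printf("contract honored:  status %d, uid %u, gid %u, cwd inside jail %d\n",
           (int)st, (unsigned)fake_getuid(), (unsigned)fake_getgid(), fake_cwd_inside_jail());

    fake_kernel_reset();
    st = confine_and_drop_misordered(&fake_ops, "/var/jail", 1000, 1000);
    printf("contract violated: status %d, uid %u, gid %u, cwd inside jail %d\n",
           (int)st, (unsigned)fake_getuid(), (unsigned)fake_getgid(), fake_cwd_inside_jail());
    return 0;
}
```

Run against the stand-in, the honored sequence ends with uid 1000, gid 1000 and the working directory inside the jail, while the misordered one reports DROP_SETGID_FAILED with the gid still 0 and the working directory still outside the jail, which is exactly the state the cited programs were left in when the return values went unchecked.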
+ Potential Mitigations

Phases: Implementation; Architecture and Design

Always utilize APIs in the specified manner.

+ Relationships
Nature | Type | ID | Name | View(s) this relationship pertains to
ChildOf | Weakness Class | 710 | Coding Standards Violation | Research Concepts (primary) 1000
ChildOf | Category | 1001 | SFP Secondary Cluster: Use of an Improper API | Software Fault Pattern (SFP) Clusters (primary) 888
ParentOf | Weakness Base | 242 | Use of Inherently Dangerous Function | Development Concepts (primary) 699; Seven Pernicious Kingdoms (primary) 700
ParentOf | Weakness Variant | 243 | Creation of chroot Jail Without Changing Working Directory | Development Concepts (primary) 699; Seven Pernicious Kingdoms (primary) 700
ParentOf | Weakness Variant | 244 | Improper Clearing of Heap Memory Before Release ('Heap Inspection') | Development Concepts (primary) 699; Seven Pernicious Kingdoms (primary) 700
ParentOf | Weakness Variant | 245 | J2EE Bad Practices: Direct Management of Connections | Development Concepts (primary) 699; Seven Pernicious Kingdoms (primary) 700
ParentOf | Weakness Variant | 246 | J2EE Bad Practices: Direct Use of Sockets | Development Concepts (primary) 699; Seven Pernicious Kingdoms (primary) 700
ParentOf | Weakness Base | 248 | Uncaught Exception | Development Concepts (primary) 699; Seven Pernicious Kingdoms (primary) 700
ParentOf | Weakness Class | 250 | Execution with Unnecessary Privileges | Development Concepts (primary) 699; Seven Pernicious Kingdoms (primary) 700
ParentOf | Category | 251 | Often Misused: String Management | Development Concepts (primary) 699; Seven Pernicious Kingdoms (primary) 700
ParentOf | Weakness Base | 252 | Unchecked Return Value | Development Concepts (primary) 699; Seven Pernicious Kingdoms (primary) 700
ParentOf | Weakness Base | 253 | Incorrect Check of Function Return Value | Development Concepts (primary) 699
ParentOf | Weakness Variant | 350 | Reliance on Reverse DNS Resolution for a Security-Critical Action | Development Concepts 699
ParentOf | Weakness Variant | 382 | J2EE Bad Practices: Use of System.exit() | Development Concepts 699
ParentOf | Weakness Variant | 558 | Use of getlogin() in Multithreaded Application | Seven Pernicious Kingdoms (primary) 700
ParentOf | Category | 559 | Often Misused: Arguments and Parameters | Development Concepts (primary) 699
ParentOf | Weakness Class | 573 | Improper Following of Specification by Caller | Development Concepts (primary) 699; Research Concepts (primary) 1000
ParentOf | Weakness Variant | 586 | Explicit Call to Finalize() | Research Concepts (primary) 1000
ParentOf | Weakness Variant | 589 | Call to Non-ubiquitous API | Development Concepts (primary) 699
ParentOf | Weakness Base | 605 | Multiple Binds to the Same Port | Development Concepts (primary) 699
ParentOf | Weakness Base | 648 | Incorrect Use of Privileged APIs | Research Concepts 1000
ParentOf | Weakness Variant | 650 | Trusting HTTP Permission Methods on the Server Side | Development Concepts 699; Research Concepts 1000
ParentOf | Weakness Base | 684 | Incorrect Provision of Specified Functionality | Development Concepts (primary) 699; Research Concepts (primary) 1000
MemberOf | View | 699 | Development Concepts | Development Concepts (primary) 699
MemberOf | View | 700 | Seven Pernicious Kingdoms | Seven Pernicious Kingdoms (primary) 700
PeerOf | Weakness Class | 675 | Duplicate Operations on Resource | Research Concepts 1000
+ Taxonomy Mappings
Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name
7 Pernicious Kingdoms | | | API Abuse
WASC | 42 | | Abuse of Functionality
+ Content History
Submissions
Submission Date | Submitter | Organization | Source
(not listed) | 7 Pernicious Kingdoms | (not listed) | Externally Mined

Modifications
Modification Date | Modifier | Organization | Source | Changes
2008-07-01 | Eric Dalci | Cigital | External | updated Time_of_Introduction
2008-09-08 | CWE Content Team | MITRE | Internal | updated Description, Relationships, Taxonomy_Mappings
2009-05-27 | CWE Content Team | MITRE | Internal | updated Name, Relationships
2010-02-16 | CWE Content Team | MITRE | Internal | updated Relationships, Taxonomy_Mappings
2010-12-13 | CWE Content Team | MITRE | Internal | updated Description
2011-03-29 | CWE Content Team | MITRE | Internal | updated Description, Name
2011-06-01 | CWE Content Team | MITRE | Internal | updated Common_Consequences
2011-06-27 | CWE Content Team | MITRE | Internal | updated Common_Consequences
2012-05-11 | CWE Content Team | MITRE | Internal | updated Relationships
2012-10-30 | CWE Content Team | MITRE | Internal | updated Observed_Examples, Potential_Mitigations
2013-07-17 | CWE Content Team | MITRE | Internal | updated Relationships
2014-07-30 | CWE Content Team | MITRE | Internal | updated Relationships
2017-01-19 | CWE Content Team | MITRE | Internal | updated Relationships
2017-05-03 | CWE Content Team | MITRE | Internal | updated Observed_Examples, Related_Attack_Patterns

Previous Entry Names
Change Date | Previous Entry Name
2008-04-11 | API Abuse
2009-05-27 | Failure to Fulfill API Contract (aka 'API Abuse')
2011-03-29 | Failure to Fulfill API Contract ('API Abuse')

Page Last Updated: May 05, 2017