CWE-685: Function Call With Incorrect Number of Arguments
Weakness ID: 685
The software calls a function, procedure, or routine, but the caller specifies too many arguments, or too few arguments, which may lead to undefined behavior and resultant weaknesses.
Time of Introduction
Modes of Introduction
This problem typically occurs when the programmer makes a typo, or copy
and paste errors.
Technical Impact: Quality degradation
While this weakness might be caught by the compiler in some languages,
it can occur more frequently in cases in which the called function
accepts variable numbers of arguments, such as format strings in C. It
also can occur in languages or environments that do not require that
functions always be called with the correct number of arguments, such as
Because this function call often produces incorrect behavior it will
usually be detected during testing or normal operation of the software.
During testing exercise all possible control paths will typically expose
this weakness except in rare cases when the incorrect function call
accidentally produces the correct results or if the provided argument
type is very similar to the expected argument type.
the weakness exists independent of other weaknesses)