Use of Function with Inconsistent Implementations

The code uses a function that has inconsistent implementations across operating systems and versions.


Description

The use of inconsistent implementations can cause changes in behavior when the code is ported or built under a different environment than the programmer expects, which can lead to security problems in some cases.

The implementation of many functions varies by platform, and at times, even by different versions of the same platform. Implementation differences can include:

Slight differences in the way parameters are interpreted leading to inconsistent results.

Some implementations of the function carry significant security risks.

The function might not be defined on all platforms.

The function might change which return codes it can provide, or change the meaning of its return codes.

See Also

Comprehensive Categorization: Poor Coding Practices

Weaknesses in this category are related to poor coding practices.

API / Function Errors

Weaknesses in this category are related to the use of built-in functions or external APIs.

SFP Secondary Cluster: Use of an Improper API

This category identifies Software Fault Patterns (SFPs) within the Use of an Improper API cluster (SFP3).

Comprehensive CWE Dictionary

This view (slice) covers all the elements in CWE.

Quality Weaknesses with Indirect Security Impacts

CWE identifiers in this view (slice) are quality issues that only indirectly make it easier to introduce a vulnerability and/or make the vulnerability more difficult t...

Weaknesses Introduced During Implementation

This view (slice) lists weaknesses that can be introduced during implementation.


Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.