Call to Non-ubiquitous API |
Weakness ID: 589 (Weakness Variant) | Status: Incomplete |
Description Summary
The software uses an API function that does not exist on all versions of the target platform. This could cause portability problems or inconsistencies that allow denial of service or other consequences.
Extended Description
Some functions that offer security features supported by the OS are not available on all versions of the OS in common use. Likewise, functions are often deprecated or made obsolete for security reasons and should not be used.
Phase: Implementation Always test your code on any platform on which it is targeted to run on. |
Pre-design through build: Test your code on the newest and oldest platform on which it is targeted to run on. |
Phase: Testing Develop a system to test for API functions that are not portable. |
Nature | Type | ID | Name | View(s) this relationship pertains to |
---|---|---|---|---|
ChildOf | Weakness Class | 227 | Failure to Fulfill API Contract ('API Abuse') | Development Concepts (primary)699 |
ChildOf | Weakness Base | 474 | Use of Function with Inconsistent Implementations | Research Concepts (primary)1000 |
CAPEC-ID | Attack Pattern Name | (CAPEC Version: 1.4) |
---|---|---|
96 | Block Access to Libraries |
Modifications | ||||
---|---|---|---|---|
Modification Date | Modifier | Organization | Source | |
2008-07-01 | Eric Dalci | Cigital | External | |
updated Time of Introduction | ||||
2008-09-08 | CWE Content Team | MITRE | Internal | |
updated Relationships, Other Notes | ||||
2008-10-14 | CWE Content Team | MITRE | Internal | |
updated Description | ||||
2009-07-27 | CWE Content Team | MITRE | Internal | |
updated Other Notes, Potential Mitigations | ||||
Previous Entry Names | ||||
Change Date | Previous Entry Name | |||
2008-04-11 | Call to Limited API | |||