Fix Wrong number of arguments in a call#27
Conversation
Wrong number of arguments in a call A function call must supply an argument for each parameter that does not have a default value defined, so: - The minimum number of arguments is the number of parameters without default values. - The maximum number of arguments is the total number of parameters, unless the function takes a varargs (starred) parameter in which case there is no limit. Recommendation If there are too few arguments then check to see which arguments have been omitted and supply values for those. If there are too many arguments then check to see if any have been added by mistake and remove those. Also check where a comma has been inserted instead of an operator or a dot. For example, the code is `obj,attr` when it should be `obj.attr`. If it is not clear which are the missing or surplus arguments, then this suggests a logical error. The fix will then depend on the nature of the error. ## References [Glossary Arguments](https://docs.python.org/2/glossary.html#term-argument) [Glossary Parameters](https://docs.python.org/glossary.html#term-parameter) [Python What is the difference between arguments and parameters?](https://docs.python.org/2/faq/programming.html#faq-argument-vs-parameter) CWE-685 fix is to update the call sites to pass only the parameters supported by `validationTool.checkClothIntersection` (no more than 4 total arguments including `self`, i.e., 3 explicit arguments). In this snippet, the safest non-invasive fix is to remove one extra positional argument at each offending call while preserving behavior as much as possible. Since both cages are already derivable from context and both are currently passed, drop the redundant `innerCage` argument from the two calls in `fixIntersections` (lines 1112 and 1113), so each call passes exactly 4 total arguments including `self`. Change only in: - `Tools/ClothingValidationTool/Maya/ValidationTool/scripts/core.py` - Method: `fixIntersections` - Region around lines 1112–1113
odaysec
left a comment
odaysec
left a comment
There was a problem hiding this comment.
All exception classes in Python derive from BaseException. BaseException has three important subclasses, Exception from which all errors and normal exceptions derive, KeyboardInterrupt which is raised when the user interrupts the program from the keyboard and SystemExit which is raised by the sys.exit() function to terminate the program.
Since KeyboardInterrupt and SystemExit are special they should not be grouped together with other Exception classes. Catching BaseException, rather than its subclasses may prevent proper handling of KeyboardInterrupt or SystemExit. It is easy to catch BaseException accidentally as it is caught implicitly by an empty except: statement.
Use a non-bare exception clause so only normal runtime errors are handled, while interrupts/exits propagate correctly.
Best fix (without changing functionality): in Tools/ClothingValidationTool/Blender/ValidationTool.py, inside deleteTransform, replace:
except:
with:except Exception:
This preserves existing behavior (append failed objects and continue) for operational failures, while avoiding accidental handling of BaseException subclasses.
References
Python The try statement, Exceptions
M. Lutz, Learning Python, Section 35.3: Exception Design Tips and Gotchas, O'Reilly Media, 2013.
Python Errors and Exceptions
CWE-396
2 participants
Wrong number of arguments in a call
A function call must supply an argument for each parameter that does not have a default value defined, so:
Recommendation
If there are too few arguments then check to see which arguments have been omitted and supply values for those. If there are too many arguments then check to see if any have been added by mistake and remove those. Also check where a comma has been inserted instead of an operator or a dot. For example, the code is
obj,attrwhen it should beobj.attr. If it is not clear which are the missing or surplus arguments, then this suggests a logical error. The fix will then depend on the nature of the error.fix is to update the call sites to pass only the parameters supported by
validationTool.checkClothIntersection(no more than 4 total arguments includingself, i.e., 3 explicit arguments). In this snippet, the safest non-invasive fix is to remove one extra positional argument at each offending call while preserving behavior as much as possible. Since both cages are already derivable from context and both are currently passed, drop the redundantinnerCageargument from the two calls infixIntersections(lines 1112 and 1113), so each call passes exactly 4 total arguments includingself.Change only in:
Tools/ClothingValidationTool/Maya/ValidationTool/scripts/core.pyfixIntersectionsReferences
Glossary Arguments
Glossary Parameters
Python What is the difference between arguments and parameters?
CWE-685