SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 15

changes.mady.by.user Jeffrey Gennari

Saved on

compared with

New Version 16

changes.mady.by.user Jeffrey Gennari

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Wiki MarkupFailing to close files when they are no longer needed may allow attackers to exhaust and possibly manipulate system resources. This phenomenon is typically referred to as file descriptor leakage \[[CWE 403|http://cwe.mitre.org/data/definitions/403.html]\], although file pointers can also be used as an attack vector (depending on the underlying system). To prevent file descriptor leaks, file pointers and file descriptors should be closed when they are no longer needed.

Non-Compliant Code Example

...

Wiki Markup
\[[Dowd 06|AA. C References#Dowd 06]\] Chapter 10, "UNIX Processes" (File Descriptor Leaks 582-587)
\[[CWE 403|http://cwe.mitre.org/data/definitions/403.html]\] UNIX File Descriptor Leaks