Page History

...

Failing to properly close files may allow an attacker to exhaust system resources and can increase the risk that data written into in-memory file buffers will not be flushed in the event of abnormal program termination.

Rule	Severity	Likelihood	Detectable	RepairableRemediation Cost	Priority	Level
FIO42-C	Medium	Unlikely	No	MediumNo	P4P2	L3

Automated Detection

This rule is stricter than rule [fileclose] in ISO/IEC TS 17961:2013. Analyzers that conform to the technical standard may not detect all violations of this rule.

Tool

Version

Checker

Description

Astrée

Include Page

	Astrée_V
	Astrée_V

Supported, but no explicit checker

CodeSonar

Include Page

	CodeSonar_V
	CodeSonar_V

ALLOC.LEAK

Leak

Compass/ROSE

Coverity

Include Page

	Coverity_V
	Coverity_V

RESOURCE_LEAK (partial)

Partially implemented

Cppcheck

Include Page

	Cppcheck_V
	Cppcheck_V

resourceLeak

Partially implemented

Cppcheck Premium

Include Page

	Cppcheck Premium_V
	Cppcheck Premium_V

resourceLeakPartially implemented

Helix QAC

Include Page

	Helix QAC_V
	Helix QAC_V

DF2701, DF2702, DF2703

Klocwork

Include Page

	Klocwork_V
	Klocwork_V

RH.LEAK

LDRA tool suite

Include Page

	LDRA_V
	LDRA_V

49 D

Partially implemented

Parasoft C/C++test

Include Page

	Parasoft_V
	Parasoft_V

CERT_C-FIO42-a

Ensure resources are freed

PC-lint Plus

Include Page

	PC-lint Plus_V
	PC-lint Plus_V

429

Partially supported

Polyspace Bug Finder

Include Page

	Polyspace Bug Finder_V
	Polyspace Bug Finder_V

CERT C: Rule FIO42-C

Checks for resource leak (rule partially covered)

Security Reviewer - Static Reviewer

Include Page

	Security Reviewer - Static Reviewer_V
	Security Reviewer - Static Reviewer_V

C80

Fully implemented

SonarQube C/C++ Plugin

Include Page

	SonarQube C/C++ Plugin_V
	SonarQube C/C++ Plugin_V

S2095

...

Space shortcuts

Page tree

Versions Compared

Old Version 77

New Version Current

Key

Automated Detection