Failing to close files when they are no longer needed may allow attackers to exhaust and possibly manipulate system resources. This phenomenon is typically referred to as file descriptor leakage [CWE 403
], although file pointers can also be used as an attack vector (depending on the underlying system). To prevent file descriptor leaks, file pointers and file descriptors should be closed when they are no longer needed.
Non-Compliant Code Example
In this non-compliant example, an array of characters is written to the end of a file. However, if fwrite() fails, then write_data() returns -1 in error without properly closing the stream to DataFile.txt.
int write_data(char *data, size_t data_size) {
FILE * fptr;
size_t written;
fptr = fopen("DataFile.txt", "a");
if (fptr == NULL) {
/* Handle fopen() error */
}
written = fwrite(data, sizeof(char), data_size, fptr);
if (written < data_size) {
return -1;
}
fclose(fptr);
return 0;
}
Compliant Solution
To correct this example, the code is modified to ensure DataFile.txt is always closed.
int write_data(char *data, size_t data_size) {
FILE * fptr;
size_t written;
int result = 0;
fptr = fopen("DataFile.txt", "a");
if (fptr == NULL) {
/* Handle fopen() error */
}
written = fwrite(data, sizeof(char), data_size, fptr);
if (written < data_size) {
result = -1;
}
fclose(fptr);
return result;
}
Risk Assessment
Failing to properly close files may allow unintended access to system resources, or exhaust system resources.