Failing to close files when they are no longer needed may allow attackers to manipulate system resources. This phenomenon is typically referred to as file descriptor leakage [CWE 403 
], although this can also affect file pointers. To prevent file descriptor leakage, file pointers and file descriptors should be closed when they are no longer needed.
Non-Compliant Code Example: fopen()
Compliant Solution
Non-Compliant Code Example: open()
Compliant Solution
Risk Assessment
Failing to properly close open files may allow unintended access to system resources.