Failing to close files when they are no longer needed may allow attackers to manipulate system resources. This phenomenon is typically referred to as file descriptor leakage CWE 403, although this often affects file pointers as well. To prevent file descriptor leakage, file pointers and file descriptors should be closed when they are no longer needed.
Non-Compliant Code Example: fopen()
Compliant Solution
Non-Compliant Code Example: open()
Compliant Solution
Risk Assessment
Failing to properly close open files may allow unintended access to system resources.