CWE-775

Missing Release of File Descriptor or Handle after Effective Lifetime. [Improper-Control-Of-A-Resource-Through-Its-Lifetime]

Required inputs: IR, StaticSemanticAnalysis

The product does not release a file descriptor or handle after its effective lifetime has ended, i.e., after the file descriptor/handle is no longer needed. When a file descriptor or handle is not released after use (typically by explicitly closing it), attackers can cause a denial of service by consuming all available file descriptors/handles, or otherwise preventing other system processes from obtaining their own file descriptors/handles.

Excerpts from CWE [https://cwe.mitre.org], Copyright (C) 2006-2026, the MITRE Corporation. See section 9.4. "3rd-Party Licenses" in the documentation for full details.
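
The missed-release pattern described above, as an added C example that is not part of the original page or the analyzer's own code: a header check that returns early without closing the descriptor, next to the corrected form. The function names, the "DEMO" magic value and the count_open_fds helper are constructed for illustration.

```c
#include <fcntl.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper: count descriptors currently open in this process. */
static int count_open_fds(void) {
    int n = 0;
    for (int fd = 0; fd < 1024; fd++)
        if (fcntl(fd, F_GETFD) != -1)
            n++;
    return n;
}

/* Leaky: the early return on a short read or bad magic skips close(). */
int check_magic_leaky(const char *path) {
    char magic[4];
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return -1;
    if (read(fd, magic, sizeof magic) != (ssize_t)sizeof magic ||
        memcmp(magic, "DEMO", 4) != 0)      /* "DEMO" is a constructed value */
        return -1;                          /* fd is never released here */
    close(fd);
    return 0;
}

/* Fixed: one exit after open() succeeds, so close() runs on every path. */
int check_magic_fixed(const char *path) {
    char magic[4];
    int rc = -1;
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return -1;
    if (read(fd, magic, sizeof magic) == (ssize_t)sizeof magic &&
        memcmp(magic, "DEMO", 4) == 0)
        rc = 0;
    close(fd);
    return rc;
}

/* Calls fn on path `calls` times; returns how many descriptors stay open. */
int leaked_after(int (*fn)(const char *), const char *path, int calls) {
    int before = count_open_fds();
    for (int i = 0; i < calls; i++)
        fn(path);
    return count_open_fds() - before;
}
```

Each rejected input costs the leaky version one descriptor, so a caller that can repeatedly supply invalid files drives the process toward its descriptor limit; the fixed version stays flat.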

Possible Messages

| Key | Text | Severity | Disabled |
|---|---|---|---|
| memory_leak | Call allocates leaking memory | None | False |
| possible_memory_leak | Call allocates possibly leaking memory | None | False |

Options

resources

resources : set[str] = {'FileHandle'}

Set of resources to be checked (selection of rules in the Resources group).
 

witness_paths

witness_paths : bool = True

Whether witness paths should be determined and included in the issue.
 

witness_should_include_exception_handling

witness_should_include_exception_handling : bool = False

Whether to only accept witness paths that include some kind of exception handling.