This rule finds calls to
socket where there is no corresponding
close call in the program analyzed.
Leaving descriptors open will cause a resource leak that will persist even after the program terminates.
This check is an approximation, so some results may not be actual defects in the program. It is not possible in general to compute the exact value of the variable without running the program with all possible input data.
Ensure that all file or socket descriptors allocated by the program are freed before it terminates.
In the example below, the
sockfd socket remains open when the
main program finishes.
The code should be updated to ensure that the socket is always closed when the program terminates.
- SEI CERT C++ Coding Standard: ERR57-CPP. Do not leak resources when handling exceptions.
- Common Weakness Enumeration: CWE-775.