Improper Resource Shutdown or Release

The product does not release or incorrectly releases a resource before it is made available for re-use.

  • Source

    CWE Catalog - 4.14

  • Identifier

    CWE-404

  • Status

    Draft

Contents

Description

When a resource is created or allocated, the developer is responsible for properly releasing the resource as well as accounting for all potential paths of expiration or invalidation, such as a set period of time or revocation.

Demonstrations

The following examples help to illustrate the nature of this weakness and describe methods or techniques which can be used to mitigate the risk.

Note that the examples here are by no means exhaustive and any given weakness may have many subtle varieties, each of which may require different detection methods or runtime controls.

Example One

The following method never closes the new file handle. Given enough time, the Finalize() method for BufferReader should eventually call Close(), but there is no guarantee as to how long this action will take. In fact, there is no guarantee that Finalize() will ever be invoked. In a busy environment, the Operating System could use up all of the available file handles before the Close() function is called.

private void processFile(string fName)
{
  BufferReader fil = new BufferReader(new FileReader(fName));
  String line;
  while ((line = fil.ReadLine()) != null)
  {
    processLine(line);
  }
}

The good code example simply adds an explicit call to the Close() function when the system is done using the file. Within a simple example such as this the problem is easy to see and fix. In a real system, the problem may be considerably more obscure.

private void processFile(string fName)
{
  BufferReader fil = new BufferReader(new FileReader(fName));
  String line;
  while ((line = fil.ReadLine()) != null)
  {
    processLine(line);
  }
  fil.Close();
}

Example Two

This code attempts to open a connection to a database and catches any exceptions that may occur.

try {
  Connection con = DriverManager.getConnection(some_connection_string);
}
catch ( Exception e ) {
  log( e );
}

If an exception occurs after establishing the database connection and before the same connection closes, the pool of database connections may become exhausted. If the number of available connections is exceeded, other users cannot access this resource, effectively denying access to the application.

Example Three

Under normal conditions the following C# code executes a database query, processes the results returned by the database, and closes the allocated SqlConnection object. But if an exception occurs while executing the SQL or processing the results, the SqlConnection object is not closed. If this happens often enough, the database will run out of available cursors and not be able to execute any more SQL queries.

...
SqlConnection conn = new SqlConnection(connString);
SqlCommand cmd = new SqlCommand(queryString);
cmd.Connection = conn;
conn.Open();
SqlDataReader rdr = cmd.ExecuteReader();
HarvestResults(rdr);
conn.Connection.Close();
...

Example Four

The following C function does not close the file handle it opens if an error occurs. If the process is long-lived, the process can run out of file handles.

int decodeFile(char* fName) {

  char buf[BUF_SZ];
  FILE* f = fopen(fName, "r");
  if (!f) {
    printf("cannot open %s\n", fName);
    return DECODE_FAIL;
  }
  else {

    while (fgets(buf, BUF_SZ, f)) {
      if (!checkChecksum(buf)) {
        return DECODE_FAIL;
      }
      else {
        decodeBlock(buf);
      }
    }

  }
  fclose(f);
  return DECODE_SUCCESS;

}

Example Five

In this example, the program does not use matching functions such as malloc/free, new/delete, and new[]/delete[] to allocate/deallocate the resource.

class A {
  void foo();
};
void A::foo(){
  int *ptr;
  ptr = (int*)malloc(sizeof(int));
  delete ptr;
}

Example Six

In this example, the program calls the delete[] function on non-heap memory.

class A{
  void foo(bool);
};
void A::foo(bool heap) {
  int localArray[2] = {
    11,22
  };
  int *p = localArray;
  if (heap){
    p = new int[2];
  }
  delete[] p;
}

See Also

Comprehensive Categorization: Resource Lifecycle Management

Weaknesses in this category are related to resource lifecycle management.

CISQ Quality Measures - Efficiency

Weaknesses in this category are related to the CISQ Quality Measures for Efficiency. Presence of these weaknesses could reduce the efficiency of the software.

CISQ Quality Measures - Security

Weaknesses in this category are related to the CISQ Quality Measures for Security. Presence of these weaknesses could reduce the security of the software.

Comprehensive CWE Dictionary

This view (slice) covers all the elements in CWE.

CISQ Data Protection Measures

This view outlines the SMM representation of the Automated Source Code Data Protection Measurement specifications, as identified by the Consortium for Information & So...

Weaknesses for Simplified Mapping of Published Vulnerabilities

CWE entries in this view (graph) may be used to categorize potential weaknesses within sources that handle public, third-party vulnerability information, such as the N...

Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.