Kingdom: Code Quality
Poor code quality leads to unpredictable behavior. From a user's perspective that often manifests itself as poor usability. For an attacker it provides an opportunity to stress the system in unexpected ways.
Unreleased Resource
Abstract
The program can potentially fail to release a system resource.
Explanation
The program can potentially fail to release a system resource.
Resource leaks have at least two common causes:
- Error conditions and other exceptional circumstances.
- Confusion over which part of the program is responsible for releasing the resource.
Most unreleased resource issues result in general software reliability problems. However, if an attacker can intentionally trigger a resource leak, the attacker may be able to launch a denial of service attack by depleting the resource pool.
Example 1: The following method never closes the file handle it opens. The
Resource leaks have at least two common causes:
- Error conditions and other exceptional circumstances.
- Confusion over which part of the program is responsible for releasing the resource.
Most unreleased resource issues result in general software reliability problems. However, if an attacker can intentionally trigger a resource leak, the attacker may be able to launch a denial of service attack by depleting the resource pool.
Example 1: The following method never closes the file handle it opens. The
Finalize() method for StreamReader eventually calls Close(), but there is no guarantee as to how long it will take before the Finalize() method is invoked. In fact, there is no guarantee that Finalize() will ever be invoked. In a busy environment, this can result in the VM using up all of its available file handles.Example 2: Under normal conditions the following code executes a database query, processes the results returned by the database, and closes the allocated
private void processFile(string fName) {
StreamWriter sw = new StreamWriter(fName);
string line;
while ((line = sr.ReadLine()) != null)
processLine(line);
}
SqlConnection object. But if an exception occurs while executing the SQL or processing the results, the SqlConnection object will not be closed. If this happens often enough, the database will run out of available cursors and not be able to execute any more SQL queries.
...
SqlConnection conn = new SqlConnection(connString);
SqlCommand cmd = new SqlCommand(queryString);
cmd.Connection = conn;
conn.Open();
SqlDataReader rdr = cmd.ExecuteReader();
HarvestResults(rdr);
conn.Connection.Close();
...
desc.controlflow.dotnet.unreleased_resource
Abstract
The program can potentially fail to release a system resource.
Explanation
The program can potentially fail to release a system resource.
Resource leaks have at least two common causes:
- Error conditions and other exceptional circumstances.
- Confusion over which part of the program is responsible for releasing the resource.
Most unreleased resource issues result in general software reliability problems. However, if an attacker can intentionally trigger a resource leak, the attacker may be able to launch a denial of service by depleting the resource pool.
Example: The following function does not close the file handle it opens if an error occurs. If the process is long-lived, the process can run out of file handles.
Resource leaks have at least two common causes:
- Error conditions and other exceptional circumstances.
- Confusion over which part of the program is responsible for releasing the resource.
Most unreleased resource issues result in general software reliability problems. However, if an attacker can intentionally trigger a resource leak, the attacker may be able to launch a denial of service by depleting the resource pool.
Example: The following function does not close the file handle it opens if an error occurs. If the process is long-lived, the process can run out of file handles.
int decodeFile(char* fName)
{
char buf[BUF_SZ];
FILE* f = fopen(fName, "r");
if (!f) {
printf("cannot open %s\n", fName);
return DECODE_FAIL;
} else {
while (fgets(buf, BUF_SZ, f)) {
if (!checkChecksum(buf)) {
return DECODE_FAIL;
} else {
decodeBlock(buf);
}
}
}
fclose(f);
return DECODE_SUCCESS;
}
desc.controlflow.cpp.unreleased_resource
Abstract
The program can potentially fail to release a system resource.
Explanation
The program can potentially fail to release a system resource.
Resource leaks have at least two common causes:
- Error conditions and other exceptional circumstances.
- Confusion about which part of the program is responsible for releasing the resource.
Most unreleased resource issues result in general software reliability problems. However, if an attacker can intentionally trigger a resource leak, the attacker might launch a denial of service by depleting the resource pool.
Example: The following program does not close the file handle it opens if an error occurs. If the process is long-lived, the process can run out of file handles.
Resource leaks have at least two common causes:
- Error conditions and other exceptional circumstances.
- Confusion about which part of the program is responsible for releasing the resource.
Most unreleased resource issues result in general software reliability problems. However, if an attacker can intentionally trigger a resource leak, the attacker might launch a denial of service by depleting the resource pool.
Example: The following program does not close the file handle it opens if an error occurs. If the process is long-lived, the process can run out of file handles.
CALL "CBL_CREATE_FILE"
USING filename
access-mode
deny-mode
device
file-handle
END-CALL
IF return-code NOT = 0
DISPLAY "Error!"
GOBACK
ELSE
PERFORM write-data
IF ws-status-code NOT = 0
DISPLAY "Error!"
GOBACK
ELSE
DISPLAY "Success!"
END-IF
END-IF
CALL "CBL_CLOSE_FILE"
USING file-handle
END-CALL
GOBACK
.
desc.controlflow.cobol.unreleased_resource
Abstract
The program can potentially fail to release a system resource.
Explanation
The program can potentially fail to release a system resource.
Resource leaks have at least two common causes:
- Error conditions and other exceptional circumstances.
- Confusion over which part of the program is responsible for releasing the resource.
Most unreleased resource issues result in general software reliability problems. However, if an attacker can intentionally trigger a resource leak, the attacker may be able to launch a denial of service by depleting the resource pool.
Example: The following function does not close the file handle it opens. If the process is long-lived, it may run out of file handles.
Resource leaks have at least two common causes:
- Error conditions and other exceptional circumstances.
- Confusion over which part of the program is responsible for releasing the resource.
Most unreleased resource issues result in general software reliability problems. However, if an attacker can intentionally trigger a resource leak, the attacker may be able to launch a denial of service by depleting the resource pool.
Example: The following function does not close the file handle it opens. If the process is long-lived, it may run out of file handles.
BEGIN
...
F1 := UTL_FILE.FOPEN('user_dir','u12345.tmp','R',256);
UTL_FILE.GET_LINE(F1,V1,32767);
...
END;
desc.controlflow.sql.unreleased_resource