RLK.SOCK
RLK (Resource Leak) issues are reported when resources are allocated but not properly disposed after use. Failing to properly dispose a resource can lead to such problems as:
- too many files being open
- an application not being able to access a temporary file when it is needed
An RLK.SOCK warning indicates that a Socket is not closed on exit.
Vulnerability and risk
Resources such as streams, connections and graphic objects must be explicitly closed. The close operation can unblock transactions or flush file changes in the file system. While a resource will eventually be closed by the garbage collector, resource exhaustion can occur before garbage collection starts. Depending on the nature of the resource, various exceptions will be thrown on a failed attempt to allocate another resource, for example: java.io.FileNotFoundException: Too many open files or too many database connections.
Mitigation and prevention
Explicitly close all resources that have the close method, even those that you think are not doing anything significant. Future code changes will then be safe from such errors.
Example 1
public void accept() throws IOException {
ServerSocket serverSocket = null;
try {
serverSocket = new ServerSocket(1034);
Socket socket = serverSocket.accept(); // socket created
final OutputStream outputStream = socket.getOutputStream();
sendStatus(outputStream);
outputStream.close();
} finally {
serverSocket.close();
}
}
RLK.SOCK is reported for the snippet on line 27: 'socket' created by 'serverSocket.accept()' call is not closed after creation.
Example 2
public void accept() throws IOException {
ServerSocket serverSocket = null;
try {
serverSocket = new ServerSocket(1034);
Socket socket = serverSocket.accept(); // socket created
try {
final OutputStream outputStream = socket.getOutputStream();
sendStatus(outputStream);
outputStream.close();
} finally {
socket.close(); // socket closed
}
} finally {
serverSocket.close();
}
}
The snippet from the previous section is fixed; RLK.SOCK is not reported here.
External guidance
Extension
This checker can be extended through the Klocwork knowledge base. See Tuning Java analysis for more information.