Resource leak

The RH.LEAK checker finds instances in which all descriptors related to a previously acquired, but unreleased, resource are lost.

Vulnerability and risk

There are situations in which resources are limited, and if a resource isn't properly released, it will be unavailable at the next access attempt.

Vulnerable code example

  #include <stdio.h>
   int foo (const char *name) {
      FILE *f = fopen(name, "r");
      if (some_error) return 1;
      return 0;

Klocwork flags the code at line 5, indicating that a resource may be lost.