Standard FILE objects and their underlying representation (file descriptors on POSIX ® ® platforms or handles elsewhere) are a finite resource that must be carefully managed. The maximum number of files that an implementation guarantees may be open simultaneously is bounded by the FOPEN_MAX macro defined in <stdio.h>. The value of the macro is guaranteed to be at least 8. Thus, portable programs must either avoid keeping more than FOPEN_MAX files at the same time or be prepared for functions such as fopen() to fail due to resource exhaustion.
...
This rule appears in the Java Secure Coding Standard as FIO06-J. Ensure all resources are properly closed when they are no longer needed.
...
Bibliography
| Wiki Markup |
|---|
\[[Austin Group 08|AA. Bibliography#Austin Group 08]\] \[[Dowd 06|AA. Bibliography#Dowd 06]\] Chapter 10, "UNIX Processes" (File Descriptor Leaks 582-587) \[[MITRE 07|AA. Bibliography#MITRE 07]\] [CWE-404|http://cwe.mitre.org/data/definitions/404.html], "Improper Resource Shutdown or Release," and [CWE-403|http://cwe.mitre.org/data/definitions/403.html], "UNIX File Descriptor Leak," [CWE-770|http://cwe.mitre.org/data/definitions/770.html], "Allocation of Resources Without Limits or Throttling" \[[MSDN|AA. Bibliography#MSDN]\] [Inheritance|http://msdn.microsoft.com/en-us/library/ms683463.aspx] (Windows) \[[NAI 98|AA. Bibliography#NAI 98]\] |
...