File is not always closed¶
ID: py/file-not-closedKind: problemSecurity severity: Severity: warningPrecision: highTags: - quality - reliability - correctness - performance - external/cwe/cwe-772Query suites: - python-security-and-quality.qls
Click to see the query in the CodeQL repository
When a file is opened, it should always be closed.
A file opened for writing that is not closed when the application exits may result in data loss, where not all of the data written may be saved to the file. A file opened for reading or writing that is not closed may also use up file descriptors, which is a resource leak that in long running applications could lead to a failure to open additional files.
Recommendation¶
Ensure that opened files are always closed, including when an exception could be raised. The best practice is often to use awith statement to automatically clean up resources. Otherwise, ensure that.close() is called in atry...except ortry...finally block to handle any possible exceptions.
Example¶
In the following examples, in the case marked BAD, the file may not be closed if an exception is raised. In the cases marked GOOD, the file is always closed.
defbad():f=open("filename","w")f.write("could raise exception")# BAD: This call could raise an exception, leading to the file not being closed.f.close()defgood1():withopen("filename","w")asf:f.write("always closed")# GOOD: The `with` statement ensures the file is always closed.defgood2():f=open("filename","w")try:f.write("always closed")finally:f.close()# GOOD: The `finally` block always ensures the file is closed.
References¶
Python Documentation:Reading and writing files.
Python Language Reference:The with statement,The try statement.
Python PEP 343:The “with” Statement.
Common Weakness Enumeration:CWE-772.