Use of Object without Invoking Destructor Method
This weakness occurs when a program accesses an object but fails to properly call its destructor or finalizer method. This leaves the cleanup of the object's resources to the system's automatic garbage collection, which may not happen immediately or predictably.
Failing to explicitly invoke an object's destructor can lead to inefficient resource management. Memory, file handles, database connections, or network sockets may remain allocated longer than necessary, causing gradual performance degradation, increased latency, or unexpected system slowdowns as resources are exhausted. While often a performance issue, this pattern can become a security vulnerability if an attacker can repeatedly trigger the flawed code path. In systems with limited resources, sustained resource retention could lead to denial-of-service (DoS) conditions, application instability, or crashes that disrupt availability for legitimate users.
Impact: Reduce Performance
- OMG ASCPEM