swift – iOS Swif- Fortify SCA – Alamofire – Unreleased Useful resource: Streams


Fortify’s Static Code Analyzer flagged out a excessive threat vulnerability – “Unreleased Useful resource: Streams” on Alamofire in iOS (Swift) cell app challenge.

The perform lambda { (inout DataStreamRequest.StreamMutableState) -> Void? }() in Request.swift generally fails to launch a system useful resource allotted by open() on line 1377.The recognized perform generally fails to launch a system useful resource.

This system can doubtlessly fail to launch a system useful resource.On this case, there are program paths on which the useful resource allotted in Request.swift on line 1377 is just not launched.”

 public func asInputStream(bufferSize: Int = 1024) -> InputStream? {
    defer { resume() }

    var inputStream: InputStream?
    $streamMutableState.write { state in
        Basis.Stream.getBoundStreams(withBufferSize: bufferSize,
                                          inputStream: &inputStream,
                                          outputStream: &state.outputStream)

    return inputStream

I made reference to related challenge -> Unreleased Useful resource: Streams #3146 which was marked as False Constructive with defer { shut() }.

Nonetheless, there isn’t any defer { shut() } on this challenge flagged by Fortify.

Any recommendation on tips on how to clear up this?


Leave a Reply

Your email address will not be published. Required fields are marked *