I use HttpContext to retrieve the current username of an upcoming HTTP request, however when analyzing coverage it reports a resource leak.
public class UsersController:ApiController
{
private string userName;
public UsersController()
{
if (HttpContext.Current != null)
{
userName = HttpContext.Current.User.Identity.Name;
}
}
public class MyIdentity : IIdentity
{
private string name;
public string AuthenticationType
{
get { return "Custom"; }
}
public bool IsAuthenticated
{
get { return true; }
}
public string Name { get; set; }
}
The Coverity report says: 2. alloc_fn: The new resource is returned from the Identity.get allocation method. (A virtual call is allowed for System.Security.Claims.ClaimsPrincipal.Identity.get.) 3. noescape: Resource System.Web.HttpContext.Current.User.Identity is not closed or stored in Name.get. (A virtual call is allowed for Org.Abc.HttpModules.MyIdentity.Name.get.)
CID 51307: Resource leak (RESOURCE_LEAK) 4. leaked_resource: Failed to save or close the resource created by System.Web.HttpContext.Current.User.Identity, leak.