#1116 SQL Connection creation in loop not flagged as bug

3.x
open-accepted
5
2014-06-19
2012-09-12
Sriram L
No

Hi,
If the code to get SQL connection is wrapped in a IF block that in turn is inside a FOR loop that doesn't contain connection close, then FindBugs is not flagging this as a issue.
For example:
...
for(int i=0;i<10;i++){
if(i>5){
connection = DriverManager.getConnection(url, username, password);
pstmt = connection.prepareStatement("SELECT count(1) from tab");.
rs = pstmt.executeQuery();
while (rs.next()) {
System.out.println(rs.getString(1));
}
}
}

FindBugs works fine if the IF block is removed and the issue is flagged as not closed on all paths.

Thanks and regards,
Sriram L

Discussion

  • Sriram L

    Sriram L - 2012-09-12

    Java Source code for DB connection creation.

     
  • William Pugh

    William Pugh - 2012-09-27
    • labels: 954086 --> false negative
    • assigned_to: nobody --> wpugh
    • status: open --> open-works-for-me
     
  • William Pugh

    William Pugh - 2012-09-27

    OK, in both cases (in a loop, not in a loop), I'm getting warnings about both the connection and preparedstatement not being closed. However, I'm only seeing a warning about the ResultSet in the case where it is not enclosed in a loop. Is that what you are seeing?

     
  • William Pugh

    William Pugh - 2012-10-05

    In the attached file, DBConnection.java, FindBugs correctly doesn't report a warning, since everything is enclosed in a try-finally block that closes everything.

    I need more information to understand the case you are claiming is a false negative.

     
  • William Pugh

    William Pugh - 2012-10-05
    • status: open-works-for-me --> pending-works-for-me
     
  • Sriram L

    Sriram L - 2012-10-05

    Hi Williams,
    This is my take in the defect I logged. In the code I've attached (DBConnection.java) there are 10 DB connections created in the for loop and only the last connection object is closed by the finally block. The other 9 connection objects will still be open and will bring the application to its knees as the code gets executed many times. In order to avoid this I felt FindBugs should point out such code mistakes.

     
  • William Pugh

    William Pugh - 2013-06-04
    • status: pending-works-for-me --> open-accepted
    • Group: --> 2.0.3
     
  • William Pugh

    William Pugh - 2013-06-04

    OK, understood. thanks.

     
  • William Pugh

    William Pugh - 2013-06-18
    • Group: 2.0.3 --> 2.1.0
     
  • Andrey Loskutov

    Andrey Loskutov - 2014-06-19
    • Group: 3.0.0 --> 3.x
     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks