HPE Fortify security scans flags possible resource leak in tDBOutput

Five Stars

HPE Fortify security scans flags possible resource leak in tDBOutput

The following code may have a resource leak in the main path or if an exception occurs in code emitted by the tDBOutput component.

if(!whetherExist_tDBOutput_1) {
	java.sql.Statement stmtCreate_tDBOutput_1 = conn_tDBOutput_1.createStatement();
		stmtCreate_tDBOutput_1.execute("CREATE TABLE " + tableName_tDBOutput_1 + "(ID VARCHAR2(32)  )");
	stmtCreate_tDBOutput_1.close();
}

Example: Under normal conditions, the following code executes a database query, processes the results
returned by the database, and closes the allocated statement object. But if an exception occurs while
executing the SQL or processing the results, the statement object will not be closed. If this happens often
enough, the database will run out of available cursors and not be able to execute any more SQL queries.
    Statement stmt = conn.createStatement();
    ResultSet rs = stmt.executeQuery(CXN_SQL);
    harvestResults(rs);
    stmt.close();
In this case, there are program paths on which a Statement is not released.

 

Tags (2)
Five Stars

Re: HPE Fortify security scans flags possible resource leak in tDBOutput

This also raises alerts where the code emits pstmt_tOracleOutput_1.executeQuery() and tDBOuput_1.PreparedStatement(...)