kagkarlsson / micro-jdbc Goto Github PK
View Code? Open in Web Editor NEWSimple low-level helpers for jdbc-access
Simple low-level helpers for jdbc-access
Summary
The function inTransaction() in TransactionManager.java sometimes fails to release a database resource allocated by getConnection() on line 42.The program can potentially fail to release a database resource.
Explanation
Resource leaks have at least two common causes:
Error conditions and other exceptional circumstances.
Confusion over which part of the program is responsible for releasing the resource.
Most unreleased resource issues result in general software reliability problems, but if an attacker can intentionally trigger a resource leak, the attacker may be able to launch a denial of service attack by depleting the resource pool.
Example: Under normal conditions, the following code executes a database query, processes the results returned by the database, and closes the allocated statement object. But if an exception occurs while executing the SQL or processing the results, the statement object will not be closed. If this happens often enough, the database will run out of available cursors and not be able to execute any more SQL queries.
Statement stmt = conn.createStatement();
ResultSet rs = stmt.executeQuery(CXN_SQL);
harvestResults(rs);
stmt.close();
Instance ID: 217855466D132190375B688DB47EAC87
Primary Rule ID: B7DFF4A8-9817-4418-A35B-E70D10DC825E
Standards and Best Practices
PCI 3.2
6.5.6 - High Risk Vulnerabilities
STIG 4.1
APSC-DV-002400 CAT II
STIG 4.3
APSC-DV-002400 CAT II
CWE
CWE-404
Our organization requires us to record copyright information for all OpenSource library dependencies. The copyright scanner we use can extract all information from pom.xml. Therefore it would be great if you could add the copyright in the pom.xml or even have it as a separate file in your repository.
Now the latest version of micro-jdbc is 0.3 , but the latest release tag is only 0.2. could you help have a new release tag to match version 0.3
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.