...
See also the related locking guideline LCK08-J. Ensure actively held locks are released on exceptional conditions.
Resources other than raw memory must be explicitly freed in non-finalizer methods, due to the unsuitability of using finalizers.
Noncompliant Code Example (SQL Connection)
The problem of resource pool exhaustion is aggravated in the case of database connections. Many database servers allow only a fixed number of connections, depending on configuration and licensing. Consequently, failure to release database connections can result in rapid exhaustion of available connections. This noncompliant code example fails to close the connection when an error occurs during execution of the SQL statement or during processing of the results.
| Code Block |
|---|
|
public void getResults(String sqlQuery) {
try {
Connection conn = getConnection();
Statement stmt = conn.createStatement();
ResultSet rs = stmt.executeQuery(sqlQuery);
processResults(rs);
stmt.close();
} catch (SQLException e) { /* forward to handler */ }
}
|
Noncompliant Code Example
This noncompliant code example attempts to address exhaustion of database connections by adding clean-up code in a finally block. However, either or both of rs and stmt could be null, causing the code in the finally block to throw a NullPointerException.
| Code Block |
|---|
|
Statement stmt = null;
ResultSet rs = null
Connection conn = getConnection();
try {
stmt = conn.createStatement();
rs = stmt.executeQuery(sqlQuery);
processResults(rs);
} catch(SQLException e) {
// forward to handler
} finally {
rs.close();
stmt.close();
}
|
Noncompliant Code Example
In this noncompliant code example, the call to rs.close() could throw an SQLException; consequently, stmt.close() would never be called.
| Code Block |
|---|
|
Statement stmt = null;
ResultSet rs = null;
Connection conn = getConnection();
try {
stmt = conn.createStatement();
rs = stmt.executeQuery(sqlQuery);
processResults(rs);
} catch (SQLException e) {
// forward to handler
} finally {
if (rs != null) {
rs.close();
}
if (stmt != null) {
stmt.close();
}
}
|
...
| Code Block |
|---|
|
Statement stmt = null;
ResultSet rs = null;
Connection conn = getConnection();
try {
stmt = conn.createStatement();
rs = stmt.executeQuery(sqlQuery);
processResults(rs);
} catch (SQLException e) {
// forward to handler
} finally {
try {
if (rs != null) {
rs.close();
}
} finally {
try {
if (stmt != null) {
stmt.close();
}
}
finally {
conn.close();
}
}
}
|
Noncompliant Code Example (File Handle)
This noncompliant code example opens a file and uses it, but fails to explicitly close the file handle.
| Code Block |
|---|
|
public int processFile(String fileName) throws IOException, FileNotFoundException {
FileInputStream stream = new FileInputStream(fileName);
BufferedReader bufRead = new BufferedReader(new InputStreamReader(stream));
String line;
while ((line = bufRead.readLine()) != null) {
sendLine(line);
}
return 1;
}
|
...
| Code Block |
|---|
|
FileInputStream stream = null;
BufferedReader bufRead = null;
String line;
try {
stream = new FileInputStream(fileName);
bufRead = new BufferedReader(new InputStreamReader(stream));
while ((line = bufRead.readLine()) != null) {
sendLine(line);
}
} catch (IOException e) {
// forward to handler
} finally {
if (stream != null) {
stream.close();
}
}
|
...
