CRITICAL
Rule Definition
A query that retrieves all columns of a table with SELECT * can be the source of significant performance problems:
Such performance problems may arise when the query returns a large result set (many rows with all their columns can become a huge amount of data to transport over the network).
Thus the optimizer module cannot provide a correct execution.
Also, when using such queries, one cannot control how the columns will be ordered and returned to the client. This can lead to significant data inconsistencies and thus stability issues.
Remediation
Limit the columns in your SQL SELECT statements to those the application really needs.
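The following is an added example, not part of the original rule page, showing the column-ordering and data-volume problems described above and the remediation. It assumes the pdo_sqlite extension; the users table, its data and the function names are constructed for illustration.

```php
<?php
// Added example: table, data and function names are constructed for illustration.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// (Re)create the users table with the given column definitions.
function createUsers(PDO $pdo, array $columns): void {
    $pdo->exec('DROP TABLE IF EXISTS users');
    $pdo->exec('CREATE TABLE users (' . implode(', ', $columns) . ')');
}

// Violation: every column is transferred and the caller relies on position.
function emailBySelectStar(PDO $pdo, int $id): ?string {
    $stmt = $pdo->prepare('SELECT * FROM users WHERE id = ?');
    $stmt->execute([$id]);
    $row = $stmt->fetch(PDO::FETCH_NUM);
    return $row === false ? null : (string) $row[2]; // assumes email is the 3rd column
}

// Fixed: only the needed column is named, so table layout no longer matters.
function emailByColumnList(PDO $pdo, int $id): ?string {
    $stmt = $pdo->prepare('SELECT email FROM users WHERE id = ?');
    $stmt->execute([$id]);
    $value = $stmt->fetchColumn();
    return $value === false ? null : (string) $value;
}

// Original layout: id, name, email. Both functions agree.
createUsers($pdo, ['id INTEGER PRIMARY KEY', 'name TEXT', 'email TEXT']);
$pdo->exec("INSERT INTO users (id, name, email) VALUES (1, 'alice', 'alice@example.test')");
echo 'select *    : ', emailBySelectStar($pdo, 1), "\n";
echo 'column list : ', emailByColumnList($pdo, 1), "\n";

// Table rebuilt with a large notes column placed before email.
createUsers($pdo, ['id INTEGER PRIMARY KEY', 'name TEXT', 'notes TEXT', 'email TEXT']);
$insert = $pdo->prepare('INSERT INTO users (id, name, notes, email) VALUES (?, ?, ?, ?)');
$insert->execute([1, 'alice', str_repeat('x', 100000), 'alice@example.test']);

// Index 2 now points at notes: the SELECT * caller silently reads the wrong
// column and pulls the whole notes payload across the connection to do so.
echo 'select *    : ', strlen((string) emailBySelectStar($pdo, 1)), " bytes returned as email\n";
echo 'column list : ', emailByColumnList($pdo, 1), "\n";
```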
Violation Code Sample
<?php
class CAST {
    public function close() {
        if (true) {
            echo 'test';
        }
    }
}
?>
Fixed Code Sample
<?php
try {
    $fileHandle = fopen("my_file.csv", "r");
    if (false === $fileHandle) {
        throw new Exception('Could not open CSV file!');
    }
} catch (RuntimeException $ex) {
    // violation removed with comment: we should handle the exception properly
} catch (Exception $e) {
    echo $e->getMessage();
}
?>
Reference
Code Sniffer - http://pear.php.net/package/PHP_CodeSniffer/docs/1.5.2/PHP_CodeSniffer/Squiz_Sniffs_Commenting_EmptyCatchCommentSniff.html
Related Technologies
Technical Criterion
CWE-391 - Unchecked Error Condition