CRITICAL
Rule Definition
This mainly comes from an incorrect code that by mistake access the invalid resource which was closed by the object. Invalid resource access shall make production applications down at runtime.
Remediation
You can use:
- isClosed() methods before accessing the Connection object .
- close() method should be always before closing the application.
Violation Code Sample
String connectionUrl="jdbc:mysql://localhost:3306/MyDb";
String userName="root";
String userPass="root";
DBConnectionInvalid connectionExample=new DBConnectionInvalid();
try{
connection=connectionExample.getConnection(connectionUrl, userName, userPass);
}catch(Exception e){
System.out.println(e.toString());
}finally{
System.out.println("Closing a conection");
connection.close();
System.out.println("Connection closed.........");
if(!connection.isClosed())
{
connection.prepareStatement("select * from ....");
}
}
Fixed Code Sample
with finally
~~~~~~~~~~~~
if(!connection.isClosed())
connection.prepareStatement("select * from ....");
or
finally{
System.out.println("Closing a conection");
connection.close();
}
Reference
https://cwe.mitre.org/data/definitions/672.html
Related Technologies
Technical Criterion
CWE-672 - Operation on a Resource after Expiration or Release
About CAST Appmarq
CAST Appmarq is by far the biggest repository of data about real IT systems. It's built on thousands of analyzed applications, made of 35 different technologies, by over 300 business organizations across major verticals. It provides IT Leaders with factual key analytics to let them know if their applications are on track.