0

Title : Java - SonarLint Detect the Blocker - Close this "PreparedStatement" in a "finally" clause.

Question : I have multiple PreparedStatement in one method (example), then I have done close the PreparedStatement but the first line ( // prepareStatement no 1 - table_a) of PreparedStatement still detect Blocker - ( Close this "PreparedStatement" in a "finally" clause) :

PreparedStatement preparedStatement = null;
    try {
connection.setAutoCommit(false);
        // prepareStatement no 1
        preparedStatement = connection.prepareStatement("delete from table_a where abc_id=?");  
        preparedStatement.setString(1, abc_id);
        preparedStatement.executeUpdate();

        // prepareStatement no 2
        preparedStatement = connection.prepareStatement("delete from table_b where bc_id=?");       
        preparedStatement.setString(1, bc_id);
        preparedStatement.executeUpdate();

        // prepareStatement no 3
        preparedStatement = connection.prepareStatement("delete from table_c where cd_id=?");       
        preparedStatement.setString(1, cd_id);
        preparedStatement.executeUpdate();

        // prepareStatement no 4
        preparedStatement = connection.prepareStatement("delete from table_d where de_id=?");
        preparedStatement.setString(1, de_id);
        preparedStatement.executeUpdate();

        // prepareStatement no 5
        preparedStatement = connection.prepareStatement("delete from table_e where ef_id=?");           
        preparedStatement.setString(1, ef_id);
        preparedStatement.executeUpdate();      

        // prepareStatement no 6
        preparedStatement = connection.prepareStatement("delete from table_f where fg_id=?");
        preparedStatement.setString(1, fg_id);
        preparedStatement.executeUpdate();

        connection.commit();

 } catch(SQLException e) {
        log.error(e);
    } finally {
        try {
            if (preparedStatement != null) {
                preparedStatement.close();
            }

            connection.setAutoCommit(true);
        } catch (SQLException e) {
            log.error(e);
        }
    }
fndong
  • 81
  • 2
  • 11
  • It seems to be a false positive to me because I cannot see any reason of why SONAR is giving blocker for this. I am quite sure if you will remove null check the issue would go but that doesn't make any sense as null check needs to be done – codeLover Jul 06 '18 at 04:06

1 Answers1

1

You are not closing the prepared statements. You only close the last one (or the first one on which an exception happens). All others do remain unclosed. Just because you assign them to the same local variable (preparedStatement) does not mean that Connection.prepareStatement reuses the previous statement. In fact, I'd doubt it does, after all it cannot know how what your code does.

To confirm, watch your code in the debugger. Keep an eye open for the number of prepared statements and their internals.

Your best bet would be to use try with resources to automatically close each statement when it goes out of scope.

Robert
  • 7,394
  • 40
  • 45
  • 64