-1

I have a large scale non-compiled project developed using Java and its frameworks like Spring and Spring Boot. This project has database interaction point like JDBC's connection.prepareStatement(sql). SQL passing to .prepareStatement() can be a constant String, object or combination of both. I want to understand how I can parse those SQL sttements without executing the code or statically parsing (traversing). I want to build a tool with the help of available libraries if any which can help me to this.

I tried static analysis and was successful in parsing/resolving all those snippets, but doing it manually will cost to much time and this will be for every time when I have to perform this kind of task. Till now I am unable to find a way to build a tool for this purpose.

Mark Rotteveel
  • 100,966
  • 191
  • 140
  • 197
Arsalan Siddiq
  • 1
  • 1
    Any analysis of the program when it is not executing would be static analysis. You may wish to edit the question to be more clear about what you want or are trying to avoid in static analysis. – Mitch Sep 01 '23 at 15:11
  • 1
    You can write your own version of the `javax.sql` package for testing and debugging. It can be as simple as recording the SQL and passing the information to the real `javax.sql` package code or as complex as an in memory database that emulates your database. – Gilbert Le Blanc Sep 01 '23 at 15:53

0 Answers0