[jira] Resolved: (GERONIMO-2361) Unclosed statement in Daytrader

["Donald Woods (JIRA)" <de...@geronimo.apache.org>]

     [ http://issues.apache.org/jira/browse/GERONIMO-2361?page=all ]

Donald Woods resolved GERONIMO-2361.
------------------------------------

    Fix Version/s: 1.1.1
                   1.1
       Resolution: Duplicate

Opened Daytrader-12 and attached a patch for this problem.
http://issues.apache.org/jira/browse/DAYTRADER-12


> Unclosed statement in Daytrader
> -------------------------------
>
>                 Key: GERONIMO-2361
>                 URL: http://issues.apache.org/jira/browse/GERONIMO-2361
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: sample apps
>    Affects Versions: 1.1
>            Reporter: Yunfeng Ma
>             Fix For: 1.1.1, 1.1
>
>         Attachments: XMLSpyDesktopUnicode_EB16AC9AAE034CE9803335B4A1C382D6.exe
>
>
> There is a PreparedStatement which is not closed properly in Daytrader. This unclosed statement will cause memory leak and database problem during stress testing.
> Let's have a look at class org.apache.geronimo.samples.daytrader.direct.TradeDirect
>  public AccountDataBean login(String userID, String password)
>  throws Exception {
>  		 AccountDataBean accountData = null;
>  		 Connection conn=null;
>  		 try
>  		 {
>  		 		 if (Log.doTrace()) Log.trace("TradeDirect:login", userID, password);
>  		 		 
>  		 		 conn = getConn();
> 	 		 PreparedStatement stmt = getStatement(conn, getAccountProfileSQL);
> 	 		 stmt.setString(1, userID);
>  		 		 ResultSet rs = stmt.executeQuery();
>  		 		 if ( !rs.next() )
>  		 		 {
>  		 		 		 Log.error("TradeDirect:login -- failure to find account for" + userID);
>  		 		 		 throw new javax.ejb.FinderException("Cannot find account for" + userID);
>  		 		 }
>  		 		 		 
>  		 		 String pw = rs.getString("password");
>  		 		 stmt.close();
>      		 		 if ( (pw==null) || (pw.equals(password) == false) )
>      		 		 {
>   		 		 		 String error = "TradeDirect:Login failure for user: " + userID + 
>  		 		 		 		 		 "\n\tIncorrect password-->" + userID + ":" + password;
>  		 		 		 Log.error(error);
>  		    		 		 throw new Exception(error);
>      		 		 }
> ===================== Create a new PreparedStatement here =================		     		 
>  		 		 stmt = getStatement(conn, loginSQL);   
>  		 		 stmt.setTimestamp(1, new Timestamp(System.currentTimeMillis()));
> 	 		 stmt.setString(2, userID);
>  		 		 int rows = stmt.executeUpdate();
>  		 		 //?assert rows==1?
> ===================== stmt should be closed here ==========================
>  		 		 
>  		 		 stmt = getStatement(conn, getAccountForUserSQL);
>  		 		 stmt.setString(1, userID);
>  		 		 rs = stmt.executeQuery();
>  		 		 accountData = getAccountDataFromResultSet(rs);
>  		 		 
>  		 		 stmt.close();
>  		 
>  		 		 commit(conn);
>  		 }
>  		 catch (Exception e)
>  		 {
>  		 		 Log.error("TradeDirect:login -- error logging in user", e);
>  		 		 rollBack(conn, e);
>  		 }
>  		 finally
>  		 {
>  		 		 releaseConn(conn);
>  		 }
>  		 return accountData;		 		 
>  }

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira