Many data-intensive applications dynamically construct queries in response to client requests and execute them. Java servlets, for example, can create strings that represent SQL queries and then send the queries, using JDBC, to a database server for execution. The servlet programmer enjoys static checking via Java's strong type system. However, the Java type system does little to check for possible errors in the dynamically generated SQL query strings. Thus, a type error in a generated selection query (e.g., comparing a string attribute with an integer) can result in an SQL runtime exception. Currently, such defects must be rooted out through careful testing, or (worse) might be found by customers at runtime. In this article, we present a sound, static program analysis technique to verify that dynamically generated query strings do not contain type errors. We describe our analysis technique and provide soundness results for our static analysis algorithm. We also describe the details of a prototype tool based on the algorithm and present several illustrative defects found in senior software-engineering student-team projects, online tutorial examples, and a real-world purchase order system written by one of the authors.
An earlier version of this article was published as GOULD, C., SU, Z., AND DEVANBU, P., Static checking of dynamically generated queries in database applications, In
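As an added illustration of the idea in the abstract (this is not the paper's algorithm or prototype tool), the Python sketch below over-approximates the set of query strings a servlet could build by concatenation, enumerates them, and type-checks each equality comparison against a table schema. The schema, the `orders` table and the query fragments are constructed for this example.

```python
import re
from itertools import product

# Constructed schema: attribute types of the table the servlet queries.
SCHEMA = {"orders": {"id": "int", "customer": "string", "total": "int"}}

# The servlet builds its query by string concatenation. Each fragment is the
# set of strings that position can take (one per control-flow branch or per
# parameter source). The set is a finite over-approximation of every query the
# program can actually emit, so a check over all of them is sound for this model.
QUERY_FRAGMENTS = [
    {"SELECT id FROM orders WHERE "},
    {"customer = ", "total = "},   # attribute chosen by a branch
    {"'alice'", "42"},             # value taken from a string or an int parameter
]

# attribute = literal, where the literal is a quoted string or an integer
COMPARISON = re.compile(r"(\w+)\s*=\s*('[^']*'|-?\d+)")


def literal_type(lit):
    """Static type of an SQL literal: quoted -> string, otherwise int."""
    return "string" if lit.startswith("'") else "int"


def enumerate_queries(fragments):
    """Every concrete query string the abstract fragments can produce."""
    return ["".join(parts) for parts in product(*fragments)]


def type_errors(query, schema, table="orders"):
    """Comparisons whose attribute type disagrees with the literal's type."""
    errors = []
    for attr, lit in COMPARISON.findall(query):
        attr_type = schema[table].get(attr)
        if attr_type is None:
            errors.append(f"unknown attribute {attr!r}")
        elif attr_type != literal_type(lit):
            errors.append(f"{attr} is {attr_type} but compared with "
                          f"{literal_type(lit)} literal {lit}")
    return errors


def check_all(fragments, schema):
    """Map each ill-typed query the program could generate to its errors."""
    report = {}
    for query in enumerate_queries(fragments):
        errors = type_errors(query, schema)
        if errors:
            report[query] = errors
    return report


if __name__ == "__main__":
    for query, errors in check_all(QUERY_FRAGMENTS, SCHEMA).items():
        print(query, "->", "; ".join(errors))
```

Two of the four possible queries are rejected before the program ever reaches the database, which is the kind of defect the abstract says would otherwise surface only as an SQL runtime exception.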