The Clang Static Analyzer used by Xcode uses checkers to identify warnings and errors in source code. I'd like to use a checker to detect when sqlite is used with sqlite3_prepare_v2
being called without calling sqlite3_finalize
.
Here is a list of existing checkers.
http://clang-analyzer.llvm.org/available_checks.html
And here is a list of potential checkers.
http://clang-analyzer.llvm.org/potential_checkers.html
Are there any checkers out there specific to sqlite which could address this issue? Is there another way to automatically detect missing/unbalanced calls?
Unfortunately No way.
Only you can do is, make sure you have written the sqlite3_finalize
inside the sqlite3_prepare
block instead of writing outside. This will handle sqlite3_prepare
failure issues.
if(sqlite3_prepare(dbfile,query,-1,&statement,0)==SQLITE_OK)
{
int res=sqlite3_step(statement);
result=res;
sqlite3_finalize(statement);
}
If you are wtitten sqlite3_finalize
outside the sqlite3_prepare
block, it will cause issues while sqlite3_prepare
statement fails.
Please look at this example: Accessing a SQLite Database with C++
有一个Clang静态分析器,您可以在https://github.com/XSecurity/XSecurity中找到它
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.