package kr.co.kihyun.db; import java.io.FileNotFoundException; import java.io.FileReader; import java.io.IOException; import java.sql.Connection; import java.sql.DriverManager; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.ResultSetMetaData; import java.sql.SQLException; import java.sql.Statement; import javax.naming.Context; import javax.sql.DataSource; public class DBPoolCmcp { //50.public static을 통한 선언 오류(CWE-500) Delete by YOUNGJUN,CHO //public static int conCount = 0; //------------------------------------------------ private static DataSource ds = null; private static Context ctx; ResultSet rs; Connection con; Statement stmt; PreparedStatement pstmt; ResultSetMetaData rsmd; String url; String user; String password; static { try{ Class.forName("com.ibm.db2.jcc.DB2Driver").newInstance(); }catch(ClassNotFoundException ex){ ex.printStackTrace(); }catch(IllegalAccessException ex){ ex.printStackTrace(); }catch(InstantiationException ex){ ex.printStackTrace(); } } public Connection getConnection() throws SQLException, FileNotFoundException, IOException { FileReader in = null; try { //FileReader in = new FileReader("/edudocs/wasapps/atswas/moumi_cmcp.properties"); in = new FileReader("/edudocs/wasapps/atswas/moumi_cmcp.properties"); int c; String s = new String(); while((c=in.read()) != -1){ s = s + (char)c; //System.out.println("test1:::::"+s); } String[] data = s.split(","); String[] subData=null; String connection1 = data[0]; String connection2 = data[1]; String connection3 = data[2]; //System.out.println("::host1::"+connection1+"\n::host2:"+connection2+"\n:::host3::"+connection3); //System.out.println(":::s::::"+s); url = connection1; user=connection2; password = connection3; //in.close(); //v2. 19.부적절한 자원 해제 (Database)_CWE-404 : Comment by YOUNGJUN,CHO // 미해결사유 : Connection 을 리턴하는 메서드인데 Connection 을 끊으라고 해결책으로 제시해줘서 해결 안함. con = DriverManager.getConnection(url,user,password); } catch(IOException ioex) { ioex.printStackTrace(); } catch(SQLException sqlex) { sqlex.printStackTrace(); } finally { //v2 21.부적절한 자원 해제 (IO)_CWE-404 : Add by YOUNGJUN,CHO // properties 파일을 읽은 후, finally 에서 닫도록 수정함. if(in != null) { in.close(); } //++++++++++++++++++++++++++++++++++++++++++++++++ } return con; } protected void close(Connection con) { try { if (con != null) con.close(); } catch (SQLException ex) { //31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO ex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } } protected void close(Statement stmt) { try { if (stmt != null) stmt.close(); } catch (SQLException ex) { //31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO ex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } } protected void close(PreparedStatement pstmt) { try { if (pstmt != null) pstmt.close(); } catch (SQLException ex) { //31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO ex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } } protected void close(ResultSet rs) { try { if (rs != null) rs.close(); } catch (SQLException ex) { //31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO ex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } } }