ANDROID.RLK.SQLOBJ
RLK (Resource Leak) issues are reported when resources are allocated but not properly disposed after use. An ANDROID.RLK.SQLOBJ warning indicates that an SQLite API object (other than an SQL connection) is not closed on exit.
Vulnerability and risk
Resources such as streams, connections and graphic objects must be explicitly closed. The close operation can unblock transactions or flush file changes in the file system. While a resource will eventually be closed by the garbage collector, resource exhaustion can occur before garbage collection starts. Depending on the nature of the resource, various exceptions will be thrown on a failed attempt to allocate another resource, for example: java.io.FileNotFoundException: Too many open files or too many database connections.
Mitigation and prevention
Explicitly close all resources that have the close method, even those that you think are not doing anything significant. Future code changes will then be safe from such errors.
Example 1
protected void onCreate(Bundle bundle) {
super.onCreate(bundle);
database = openOrCreateDatabase(DB_NAME, Context.MODE_PRIVATE, null);
if (bundle != null) {
final String[] queryClauseArray = bundle.getStringArray(KEY_QUERY);
if (queryClauseArray != null) {
for (final String queryClause : queryClauseArray) {
final Cursor query = database.query(DATABASE_TABLE,
new String[]{KEY_FILE, KEY_DATE, KEY_COMMENT},
null,
null,
null,
null,
queryClause);
files.add(query.getString(0));
dates.add(query.getString(1));
comments.add(query.getString(2));
}
}
}
}ANDROID.RLK.SQLOBJ is reported for the snippet on line 49: database cursor 'query' is not closed on exit.
Related checkers
Extension
This checker can be extended through the Klocwork knowledge base. See Tuning Java analysis for more information.
