ICSE
2004
IEEE-ACM

Static Checking of Dynamically Generated Queries in Database Applications

Many data-intensive applications dynamically construct queries in response to client requests and execute them. Java servlets, e.g., can create string representations of SQL queries and then send the queries, using JDBC, to a database server for execution. The servlet programmer enjoys static checking via Java's strong type system. However, the Java type system does little to check for possible errors in the dynamically generated SQL query strings. Thus, a type error in a generated selection query (e.g., comparing a string attribute with an integer) can result in an SQL runtime exception. Currently, such defects must be rooted out through careful testing, or (worse) might be found by customers at runtime. In this paper, we present a sound, static, program analysis technique to verify the correctness of dynamically generated query strings. We describe our analysis technique and provide soundness results for our static analysis algorithm. We also describe the details of a prototype...
Carl Gould, Zhendong Su, Premkumar T. Devanbu
Added 09 Dec 2009
Updated 09 Dec 2009
Type: Conference
Year: 2004
Where: ICSE
Authors: Carl Gould, Zhendong Su, Premkumar T. Devanbu