In Java programs, SQL statements are usually embedded in string literals. Because they are just strings to the compiler, SQL mistakes surface only at runtime. Furthermore, if you have used conditionals to construct the query, a buggy branch may be executed for the first time at your client's site.

Alvor is an Eclipse JDT plug-in that checks embedded SQL statements at compile time. It can be invoked explicitly for whole-program analysis, or it can be configured to run incrementally as you write code (each time a file is saved).

Alvor's work process has 3 main steps:

1) Find expressions in Java code that should evaluate to correct SQL statements. For this, the user configures a set of method names and argument positions (e.g. java.sql.Connection#prepareStatement, argument 1), and Alvor locates the respective method calls and argument expressions.

2) Perform string analysis on those argument expressions to find their possible values. Besides simple string literals, it can handle conditional assignments to variables and cases where parts of the string come from method parameters or from methods returning strings. The possible values for each expression are represented as a regular expression.

3) Validate the found strings, either by testing all possible cases against an actual test database (using Connection.prepareStatement) or by performing abstract parsing directly on the regular expressions constructed in the previous step.

Any errors found are presented via Eclipse error markers.

Although Alvor is currently in beta, it has proven itself by finding 8 real SQL bugs in selected parts of the Compiere ERP system (300 KLOC). For medium-sized projects the whole-program analysis takes 5-20 seconds. Incremental analysis usually completes in less than 0.5 seconds.

Alvor is an open-source project. For more information and installation instructions see http://alvor.googlecode.com/
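Steps 2 and 3 above can be sketched in a few lines. This is an added example, not Alvor's code: it is written in Python with an in-memory SQLite database standing in for the JDBC test database, and it enumerates a finite list of strings instead of building a regular expression. The Java method in the comment, the `users` table and all function names are constructed for illustration.

```python
import itertools
import sqlite3

# Constructed model of a Java method that builds a query with conditionals:
#   String sql = "SELECT id, name FROM users";
#   if (onlyActive) sql += "WHERE active = 1";   // bug: missing leading space
#   if (sorted)     sql += " ORDER BY name";
# Each entry lists the alternatives one fragment can contribute
# ("" means the branch was not taken).
QUERY_PARTS = [
    ["SELECT id, name FROM users"],
    ["", "WHERE active = 1"],
    ["", " ORDER BY name"],
]


def possible_values(parts):
    """Step 2: enumerate every string the expression can evaluate to."""
    return ["".join(combo) for combo in itertools.product(*parts)]


def make_test_db():
    """Constructed test schema; a real check would use the project's schema."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, active INTEGER)"
    )
    return conn


def check_against_test_db(conn, statements):
    """Step 3: compile each candidate on the test database.

    EXPLAIN makes SQLite parse and resolve the statement, so syntax errors
    and unknown tables or columns are reported; the query itself is not run.
    """
    errors = {}
    for sql in statements:
        try:
            conn.execute("EXPLAIN " + sql)
        except sqlite3.Error as exc:
            errors[sql] = str(exc)
    return errors


if __name__ == "__main__":
    found = check_against_test_db(make_test_db(), possible_values(QUERY_PARTS))
    for sql, err in found.items():
        print(f"{sql!r}: {err}")
```

Only the two variants that take the `onlyActive` branch are reported, which is the kind of defect that would otherwise stay hidden until that branch first runs.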
Alvor
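Alvor is an Eclipse plug-in that checks SQL statements embedded in Java programs at compile time, avoiding errors at runtime. It ensures code quality by locating SQL strings, analyzing the expressions and validating the SQL syntax.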



