diff --git a/rules/S3921/plsql/rule.adoc b/rules/S3921/plsql/rule.adoc index c9f93abadff..6b6f01f59d3 100644 --- a/rules/S3921/plsql/rule.adoc +++ b/rules/S3921/plsql/rule.adoc @@ -2,41 +2,61 @@ Trying to assign a large character value to a smaller variable or column will raise an error. -=== Noncompliant code example +include::../../../shared_content/plsql/data_dictionary.adoc[] -[source,sql] ----- -create table persons (id number, name varchar2(4)); +== How to fix it -insert into persons (id, name) values (1, 'Alice'); -- Noncompliant, raises ORA-12899 +Ensure that the size of the variable or column is large enough to hold the value. -create or replace procedure sp1 -is - foo varchar2(2); -begin - select name into foo from persons where id = 1; -- Noncompliant, may raise ORA-06502 -end; ----- +=== Code examples -=== Compliant solution +==== Noncompliant code example -[source,sql] +[source,sql,diff-id=1,diff-type=noncompliant] +---- +CREATE TABLE Persons +( + Id NUMBER, + Name VARCHAR2(4) +); + +INSERT INTO Persons (Id, Name) VALUES (1, 'Alice'); -- Noncompliant, raises ORA-12899 + +CREATE OR REPLACE PROCEDURE sp1 +IS + foo VARCHAR2(2); +BEGIN + SELECT Name INTO foo FROM Persons WHERE Id = 1; -- Noncompliant, may raise ORA-06502 +END; ---- -create table persons (id number, name varchar2(8)); -insert into persons (id, name) values (1, 'Alice'); +==== Compliant solution -create or replace procedure sp1 -is - foo varchar2(8); -begin - select name into foo from persons where id = 1; -end; +[source,sql,diff-id=1,diff-type=compliant] +---- +CREATE TABLE Persons +( + Id NUMBER, + Name VARCHAR2(8) +); + +INSERT INTO Persons (Id, Name) VALUES (1, 'Alice'); + +CREATE OR REPLACE PROCEDURE sp1 +IS + foo VARCHAR2(8); +BEGIN + SELECT Name INTO foo FROM Persons WHERE Id = 1; +END; ---- == Resources +=== Documentation + * CWE - https://cwe.mitre.org/data/definitions/704[CWE-704 - Incorrect Type Conversion or Cast] +* Oracle Database - https://docs.oracle.com/en/error-help/db/ora-12899[ORA-12899] +* Oracle Database - https://docs.oracle.com/en/error-help/db/ora-06502[ORA-06502] ifdef::env-github,rspecator-view[]