16f6c0aecf
Inline adoc files when they are included exactly once. Also fix language tags because this inlining gives us better information on what language the code is written in.
60 lines
1.1 KiB
Plaintext
60 lines
1.1 KiB
Plaintext
== Why is this an issue?
|
|
|
|
Trying to assign a large character value to a smaller variable or column will raise an error.
|
|
|
|
=== Noncompliant code example
|
|
|
|
[source,sql]
|
|
----
|
|
create table persons (id number, name varchar2(4));
|
|
|
|
insert into persons (id, name) values (1, 'Alice'); -- Noncompliant, raises ORA-12899
|
|
|
|
create or replace procedure sp1
|
|
is
|
|
foo varchar2(2);
|
|
begin
|
|
select name into foo from persons where id = 1; -- Noncompliant, may raise ORA-06502
|
|
end;
|
|
----
|
|
|
|
=== Compliant solution
|
|
|
|
[source,sql]
|
|
----
|
|
create table persons (id number, name varchar2(8));
|
|
|
|
insert into persons (id, name) values (1, 'Alice');
|
|
|
|
create or replace procedure sp1
|
|
is
|
|
foo varchar2(8);
|
|
begin
|
|
select name into foo from persons where id = 1;
|
|
end;
|
|
----
|
|
|
|
== Resources
|
|
|
|
* https://cwe.mitre.org/data/definitions/704[MITRE, CWE-704] - Incorrect Type Conversion or Cast
|
|
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
'''
|
|
== Implementation Specification
|
|
(visible only on this page)
|
|
|
|
include::../message.adoc[]
|
|
|
|
include::../parameters.adoc[]
|
|
|
|
include::../highlighting.adoc[]
|
|
|
|
'''
|
|
== Comments And Links
|
|
(visible only on this page)
|
|
|
|
include::../comments-and-links.adoc[]
|
|
endif::env-github,rspecator-view[]
|