Fixed errors identified by Semmle

src/main/java/com/microsoft/sqlserver/jdbc/DDC.java

@@ -37,7 +37,7 @@ final class DDC {
     /**
      * Convert an Integer object to desired target user type.
      * 
-     * @param intvalue
+     * @param intValue
      *        the value to convert.
      * @param valueLength
      *        the value to convert.

src/main/java/com/microsoft/sqlserver/jdbc/DataTypes.java

@@ -790,9 +790,9 @@ enum SetterConversion {
         SQLXML(JDBCType.Category.SQLXML, EnumSet.of(JDBCType.Category.SQLXML)),
 
         TVP(JDBCType.Category.TVP, EnumSet.of(JDBCType.Category.TVP)),
-        
+
         GEOMETRY(JDBCType.Category.GEOMETRY, EnumSet.of(JDBCType.Category.GEOMETRY)),
-        
+
         GEOGRAPHY(JDBCType.Category.GEOGRAPHY, EnumSet.of(JDBCType.Category.GEOGRAPHY));
 
         private final JDBCType.Category from;
@@ -975,10 +975,8 @@ boolean isTextual() {
     }
 
     /**
-     * Returns if datat types are supported by JDBC.
+     * Returns if data types are supported by JDBC.
      * 
-     * @param jdbcType
-     *        the JDBC type to check
      * @return true if the type is unsupported
      */
     boolean isUnsupported() {

src/main/java/com/microsoft/sqlserver/jdbc/IOBuffer.java

@@ -3773,13 +3773,19 @@ void writeString(String value) throws SQLServerException {
                 bytesToCopy = valueBytes.length;
 
             int bytesCopied = 0;
-            while (bytesCopied < bytesToCopy) {
-                char ch = value.charAt(charsCopied++);
-                valueBytes[bytesCopied++] = (byte) ((ch >> 0) & 0xFF);
-                valueBytes[bytesCopied++] = (byte) ((ch >> 8) & 0xFF);
-            }
+            try {
+                while (bytesCopied < bytesToCopy) {
+                    char ch = value.charAt(charsCopied++);
+                    valueBytes[bytesCopied++] = (byte) ((ch >> 0) & 0xFF);
+                    valueBytes[bytesCopied++] = (byte) ((ch >> 8) & 0xFF);
+                }
 
-            writeBytes(valueBytes, 0, bytesCopied);
+                writeBytes(valueBytes, 0, bytesCopied);
+            } catch (ArrayIndexOutOfBoundsException e) {
+                MessageFormat form = new MessageFormat(SQLServerException.getErrString("R_indexOutOfRange"));
+                Object[] msgArgs = {bytesCopied};
+                error(form.format(msgArgs), SQLState.DATA_EXCEPTION_NOT_SPECIFIC, DriverError.NOT_SET);
+            }
         }
     }
 
@@ -4209,7 +4215,7 @@ void writeRPCBit(String sName, Boolean booleanValue, boolean bOut) throws SQLSer
      * 
      * @param sName
      *        the optional parameter name
-     * @param shortValue
+     * @param byteValue
      *        the data value
      * @param bOut
      *        boolean true if the data value is being registered as an output parameter
@@ -7191,9 +7197,10 @@ final boolean readingResponse() {
      *
      * @param logContext
      *        the string describing the context for this command.
-     * @param timeoutSeconds
-     *        (optional) the time before which the command must complete before it is interrupted. A value of 0 means no
-     *        timeout.
+     * @param queryTimeoutSeconds
+     *        the time before which the command must complete before it is interrupted. A value of 0 means no timeout.
+     * @param cancelQueryTimeoutSeconds
+     *        the time to cancel the query timeout A value of 0 means no timeout.
      */
     TDSCommand(String logContext, int queryTimeoutSeconds, int cancelQueryTimeoutSeconds) {
         this.logContext = logContext;

src/main/java/com/microsoft/sqlserver/jdbc/ISQLServerPreparedStatement.java

@@ -750,7 +750,7 @@ void setTimestamp(int parameterIndex, java.sql.Timestamp x, java.util.Calendar c
     /**
      * Returns parameter metadata for the prepared statement.
      * 
-     * @param forceRefresh:
+     * @param forceRefresh
      *        If true the cache will not be used to retrieve the metadata.
      * @return Per the description.
      * @throws SQLServerException

src/main/java/com/microsoft/sqlserver/jdbc/NTLMAuthentication.java

@@ -277,8 +277,8 @@ private class NTLMContext {
          *        domain name to authentication in using NTLM
          * @param userName
          *        user name
-         * @param password
-         *        password
+         * @param passwordHash
+         *        password hash
          * @param workstation
          *        hostname of the workstation
          * @throws SQLServerException
@@ -326,8 +326,8 @@ private class NTLMContext {
      *        domain name used for NTLM authentication
      * @param userName
      *        domain user
-     * @param password
-     *        domain password
+     * @param passwordHash
+     *        password hash
      * @param workstation
      *        hostname of the workstation
      * @throws SQLServerException

src/main/java/com/microsoft/sqlserver/jdbc/PLPInputStream.java

@@ -353,7 +353,7 @@ private int readBytesInternal(byte[] b, int offset, int maxBytes) throws SQLServ
     /**
      * Marks the current position in this input stream.
      * 
-     * @param readlimit
+     * @param readLimit
      *        the number of bytes to hold (this implementation ignores this).
      */
     @Override

src/main/java/com/microsoft/sqlserver/jdbc/ParameterUtils.java

@@ -42,16 +42,16 @@ static byte CharToHex(char CTX) throws SQLServerException {
     }
 
     /**
-     * Locates the first occurrence of [c] in [sql] starting at [offset], where [sql] is a SQL statement string, which
+     * Locates the first occurrence of [ch] in [sql] starting at [offset], where [sql] is a SQL statement string, which
      * may contain any combination of:
      *
      * - Literals, enclosed in single quotes (') - Literals, enclosed in double quotes (") - Escape sequences, enclosed
      * in square brackets ([]) - Escaped escapes or literal delimiters (i.e. '', "", or ]]) in the above - Single-line
      * comments, beginning in -- and continuing to EOL - Multi-line comments, enclosed in C-style comment delimiters
      *
-     * and [c] is not contained any of the above.
+     * and [ch] is not contained any of the above.
      *
-     * @param c
+     * @param ch
      *        the character to search for
      * @param sql
      *        the SQL string to search in

src/main/java/com/microsoft/sqlserver/jdbc/SQLServerBulkCopy.java

@@ -46,6 +46,7 @@
 import java.util.logging.Level;
 
 import javax.sql.RowSet;
+
 import microsoft.sql.DateTimeOffset;
 
 
@@ -2717,7 +2718,7 @@ private void writeSqlVariant(TDSWriter tdsWriter, Object colValue, ResultSet sou
     /**
      * Write header for sql_variant
      * 
-     * @param length:
+     * @param length
      *        length of base type + Basetype + probBytes
      * @param tdsType
      * @param probBytes

src/main/java/com/microsoft/sqlserver/jdbc/SQLServerConnection.java

@@ -2518,14 +2518,14 @@ static int timerRemaining(long timerExpire) {
      * @param timeOutsliceInMillisForFullTimeout
      * @throws SQLServerException
      */
-    private void connectHelper(ServerPortPlaceHolder serverInfo, int timeOutsliceInMillis, int timeOutFullInSeconds,
+    private void connectHelper(ServerPortPlaceHolder serverInfo, int timeOutSliceInMillis, int timeOutFullInSeconds,
             boolean useParallel, boolean useTnir, boolean isTnirFirstAttempt,
             int timeOutsliceInMillisForFullTimeout) throws SQLServerException {
         // Make the initial tcp-ip connection.
 
         if (connectionlogger.isLoggable(Level.FINE)) {
             connectionlogger.fine(toString() + " Connecting with server: " + serverInfo.getServerName() + " port: "
-                    + serverInfo.getPortNumber() + " Timeout slice: " + timeOutsliceInMillis + " Timeout Full: "
+                    + serverInfo.getPortNumber() + " Timeout slice: " + timeOutSliceInMillis + " Timeout Full: "
                     + timeOutFullInSeconds);
         }
 
@@ -2543,7 +2543,7 @@ private void connectHelper(ServerPortPlaceHolder serverInfo, int timeOutsliceInM
             tdsChannel.open(serverInfo.getServerName(), serverInfo.getPortNumber(), 0, useParallel, useTnir,
                     isTnirFirstAttempt, timeOutsliceInMillisForFullTimeout);
         else
-            tdsChannel.open(serverInfo.getServerName(), serverInfo.getPortNumber(), timeOutsliceInMillis, useParallel,
+            tdsChannel.open(serverInfo.getServerName(), serverInfo.getPortNumber(), timeOutSliceInMillis, useParallel,
                     useTnir, isTnirFirstAttempt, timeOutsliceInMillisForFullTimeout);
 
         setState(State.Connected);
@@ -4816,8 +4816,12 @@ private byte[] encryptPassword(String pwd) {
     /**
      * Send a TDS 7.x logon packet.
      * 
-     * @param secsTimeout
-     *        (optional) if non-zero, seconds to wait for logon to be sent.
+     * @param logonCommand
+     *        the logon command
+     * @param authentication
+     *        SSPI authentication
+     * @param fedAuthFeatureExtensionData
+     *        fedauth feature extension data
      * @throws SQLServerException
      */
     private void sendLogon(LogonCommand logonCommand, SSPIAuthentication authentication,
@@ -6300,8 +6304,6 @@ public void setStatementPoolingCacheSize(int value) {
 
     /**
      * Prepares the cache handle.
-     * 
-     * @param value
      */
     private void prepareCache() {
         preparedStatementHandleCache = new Builder<CityHash128Key, PreparedStatementHandle>()

src/main/java/com/microsoft/sqlserver/jdbc/SQLServerXAResource.java

@@ -24,7 +24,7 @@
 
 
 /**
- * Impelments Transaction id used to recover transactions.
+ * Implements Transaction id used to recover transactions.
  */
 final class XidImpl implements Xid {
     private final int formatId;
@@ -844,18 +844,30 @@ public Xid[] recover(int flags) throws XAException {
                 formatId += x;
                 power = power * 256;
             }
-            offset += 4;
-            int gid_len = (r.bData[offset++] & 0x00FF);
-            int bid_len = (r.bData[offset++] & 0x00FF);
-            byte gid[] = new byte[gid_len];
-            byte bid[] = new byte[bid_len];
-            System.arraycopy(r.bData, offset, gid, 0, gid_len);
-            offset += gid_len;
-            System.arraycopy(r.bData, offset, bid, 0, bid_len);
-            offset += bid_len;
-            XidImpl xid = new XidImpl(formatId, gid, bid);
-            al.add(xid);
+
+            try {
+                offset += 4;
+                int gid_len = (r.bData[offset++] & 0x00FF);
+                int bid_len = (r.bData[offset++] & 0x00FF);
+                byte gid[] = new byte[gid_len];
+                byte bid[] = new byte[bid_len];
+                System.arraycopy(r.bData, offset, gid, 0, gid_len);
+                offset += gid_len;
+                System.arraycopy(r.bData, offset, bid, 0, bid_len);
+                offset += bid_len;
+                XidImpl xid = new XidImpl(formatId, gid, bid);
+                al.add(xid);
+            } catch (ArrayIndexOutOfBoundsException e) {
+                MessageFormat form = new MessageFormat(SQLServerException.getErrString("R_indexOutOfRange"));
+                Object[] msgArgs = {offset};
+                XAException xex = new XAException(form.format(msgArgs));
+                xex.errorCode = XAException.XAER_RMERR;
+                if (xaLogger.isLoggable(Level.FINER))
+                    xaLogger.finer(toString() + " exception:" + xex);
+                throw xex;
+            }
         }
+
         XidImpl xids[] = new XidImpl[al.size()];
         for (int i = 0; i < al.size(); i++) {
             xids[i] = al.get(i);

src/main/java/com/microsoft/sqlserver/jdbc/dtv.java

@@ -740,14 +740,16 @@ private void sendTemporal(DTV dtv, JavaType javaType, Object value) throws SQLSe
                 switch (typeInfo.getSSType()) {
                     case DATETIME:
                     case DATETIME2:
-                        /* Default and max fractional precision is 7 digits (100ns)
-                         * Send DateTime2 to DateTime columns to let the server handle nanosecond rounding. Also
-                         * adjust scale accordingly to avoid rounding on driver's end.
+                        /*
+                         * Default and max fractional precision is 7 digits (100ns) Send DateTime2 to DateTime columns
+                         * to let the server handle nanosecond rounding. Also adjust scale accordingly to avoid rounding
+                         * on driver's end.
                          */
-                        int scale = (typeInfo.getSSType() == SSType.DATETIME) ? typeInfo.getScale() + 4 : typeInfo.getScale();
+                        int scale = (typeInfo.getSSType() == SSType.DATETIME) ? typeInfo.getScale() + 4
+                                                                              : typeInfo.getScale();
                         tdsWriter.writeRPCDateTime2(name,
-                                timestampNormalizedCalendar(calendar, javaType, conn.baseYear()), subSecondNanos,
-                                scale, isOutParam);
+                                timestampNormalizedCalendar(calendar, javaType, conn.baseYear()), subSecondNanos, scale,
+                                isOutParam);
 
                         break;
 
@@ -1699,11 +1701,11 @@ else if ((JDBCType.VARCHAR == jdbcTypeSetByUser) || (JDBCType.CHAR == jdbcTypeSe
                 case DATETIMEOFFSET:
                     op.execute(this, (microsoft.sql.DateTimeOffset) value);
                     break;
-                    
+
                 case GEOMETRY:
                     op.execute(this, ((Geometry) value).serialize());
                     break;
-                    
+
                 case GEOGRAPHY:
                     op.execute(this, ((Geography) value).serialize());
                     break;
@@ -2160,7 +2162,7 @@ void execute(DTV dtv, BigDecimal bigDecimalValue) throws SQLServerException {
                     }
                 } else
                     dtvScale = dtv.getScale();
-                if (dtvScale != null && dtvScale != biScale)
+                if (null != dtvScale && 0 != Integer.compare(dtvScale, biScale))
                     bigDecimalValue = bigDecimalValue.setScale(dtvScale, RoundingMode.DOWN);
             }
             dtv.setValue(bigDecimalValue, JavaType.BIGDECIMAL);
@@ -3609,7 +3611,9 @@ Object denormalizedValue(byte[] decryptedValue, JDBCType jdbcType, TypeInfo base
             }
 
             case DATETIME: {
-                if (8 != decryptedValue.length) {
+                int ticksSinceMidnight = (Util.readInt(decryptedValue, 4) * 10 + 1) / 3;
+
+                if (8 != decryptedValue.length || Integer.MAX_VALUE < ticksSinceMidnight) {
                     MessageFormat form = new MessageFormat(SQLServerException.getErrString("R_NormalizationErrorAE"));
                     throw new SQLServerException(form.format(new Object[] {baseSSType}), null, 0, null);
                 }
@@ -3618,7 +3622,7 @@ Object denormalizedValue(byte[] decryptedValue, JDBCType jdbcType, TypeInfo base
                 // (January 1, 1900 00:00:00 GMT) and 4 bytes for
                 // the number of three hundredths (1/300) of a second since midnight.
                 return DDC.convertTemporalToObject(jdbcType, SSType.DATETIME, cal, Util.readInt(decryptedValue, 0),
-                        (Util.readInt(decryptedValue, 4) * 10 + 1) / 3, 0);
+                        ticksSinceMidnight, 0);
             }
 
             case DATETIMEOFFSET: {