Let’s talk about Improper Resource Shutdown

MRunal
4 min readOct 27, 2020

The program does not deliver or inaccurately releases a resource before it is made available for re-use. the function fails to release a lock it acquires, which might lead to a deadlock.

1. Android SQLite Database

The Android project fails to release the Android database handler in its onPause(), onStop(), or onDestroy() event handlers.An Android activity declines or sinks to release the Android database handler in its onPause(), onStop(), or onDestroy() event handlers.

The Android activity controls an Android SQLite database handler that is not covered in onPause(), onStop(), or onDestroy() callback. The Android OS requests these callbacks whenever it needs to send the prevailing activity to the background, or when it requires to temporarily destroy the activity when system sources are low. By failing to close the database properly, the activity can potentially exhaust the device of ready cursors if the activity is regularly restarted. In addition, depending on the implementation, the Android operating system can also throw DatabaseObjectNotClosedException, which breaks the application if the exception is not detected.

The following code represents an Android activity that caches user data and writes the data to disk when the activity is stopped. Note that does not override the base onPause(), which should be used to release the database object, nor does it properly release it during its shutdown sequence order.

public class MyDBHelper extends SQLiteOpenHelper {
...
}public class UnreleasedDBActivity extends Activity {
private myDBHelper dbHelper;
private SQLiteDatabase db;@Override
public void onCreate(Bundle state) {
...
db = dbHelper.getWritableDatabase();
...
}@Override
public void onRestart() {
...
}@Override
public void onStop() {
db.insert(cached_data);     // flush cached data
}
}

Recommendation

If the application uses an SQLite database, it must ever override the onPause() method of your activity, as well as at least one of them onStop() and onDestroy() methods. In each of these processes, guarantee that you call close() on the database handler or object to…

MRunal

Written by MRunal

956 Followers

Blogger | Security Researcher | Digital forensic analyst | Twitter — @mrunal110

More from MRunal

Recommended from Medium

Lists

General Coding Knowledge

Stories to Help You Grow as a Software Developer

This One Prompt Will 10X Your Chat GPT Results

ChatGPT prompts

Coding & Development