G-8310 (validate input parameter) false positive for internal private subprograms?
ffm145 opened this issue · comments
If inside a procedure or function is a private subprogram then it's not necessary to validate the input parameters!?
create or replace procedure demo(i_para in number) authid definer
is
c_para constant pls_integer not null:=i_para;
procedure internal(i_para in number) is
begin
null;
end internal;
begin
internal(i_para => c_para);
null;
end demo;
(G-8310: Always validate input parameter size by assigning the parameter to a size limited variable in the declaration section of program unit.)
If inside a procedure or function is a private subprogram then it's not necessary to validate the input parameters!?
Not in this case. However, there are cases where this might be useful.
IMO the rule is implemented correctly. If you think there should be an exception for private subprograms then I suggest to open a issue in this repository: https://github.com/Trivadis/plsql-and-sql-coding-guidelines .