OSDN Git Service

(root) / android-x86 / frameworks-base.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d71b116) | patch
DO NOT MERGE. Extend SQLiteQueryBuilder for update and delete.
authorJeff Sharkey <jsharkey@android.com>
Wed, 25 Jul 2018 20:52:14 +0000 (14:52 -0600)
committerRyan Longair <rlongair@google.com>
Thu, 30 Aug 2018 20:34:10 +0000 (13:34 -0700)
commit2ae9ec96dcf5fe5434486e56d32073022495f987
tree814c4cc071b96e4d6396096973cbb3222d68fdfbtree | snapshot
parentd71b1163dd048625f39926af563aaf5223effa47commit | diff
DO NOT MERGE. Extend SQLiteQueryBuilder for update and delete.

Developers often accept selection clauses from untrusted code, and
SQLiteQueryBuilder already supports a "strict" mode to help catch
SQL injection attacks.  This change extends the builder to support
update() and delete() calls, so that we can help secure those
selection clauses too.

Bug: 111085900
Test: atest packages/providers/DownloadProvider/tests/
Test: atest cts/tests/app/src/android/app/cts/DownloadManagerTest.java
Test: atest cts/tests/tests/database/src/android/database/sqlite/cts/SQLiteQueryBuilderTest.java
Change-Id: Ib4fc8400f184755ee7e971ab5f2095186341730c
Merged-In: Ib4fc8400f184755ee7e971ab5f2095186341730c
(cherry picked from commit 8e95967f092b4ffa593861452e55621b4e528acf)
core/java/android/database/sqlite/SQLiteDatabase.java diff | blob | history
core/java/android/database/sqlite/SQLiteQueryBuilder.java diff | blob | history
frameworks/base
About OSDN
Find Software
Develop Software
Help