OSDN Git Service

(root) / android-x86 / frameworks-base.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 83fef27) | patch
DO NOT MERGE. Extend SQLiteQueryBuilder for update and delete.
authorJeff Sharkey <jsharkey@android.com>
Wed, 25 Jul 2018 20:52:14 +0000 (14:52 -0600)
committerRyan Longair <rlongair@google.com>
Thu, 30 Aug 2018 20:35:48 +0000 (13:35 -0700)
commit6d2b12ff0b71b302c2e011fa0ff98b61c835a728
tree29ff508d336f1d9b863f6695f8ac4a0e79cf6d56tree | snapshot
parent83fef270c7c99e81302801b006548c6dbcfe7118commit | diff
DO NOT MERGE. Extend SQLiteQueryBuilder for update and delete.

Developers often accept selection clauses from untrusted code, and
SQLiteQueryBuilder already supports a "strict" mode to help catch
SQL injection attacks.  This change extends the builder to support
update() and delete() calls, so that we can help secure those
selection clauses too.

Bug: 111085900
Test: atest packages/providers/DownloadProvider/tests/
Test: atest cts/tests/app/src/android/app/cts/DownloadManagerTest.java
Test: atest cts/tests/tests/database/src/android/database/sqlite/cts/SQLiteQueryBuilderTest.java
Change-Id: Ib4fc8400f184755ee7e971ab5f2095186341730c
Merged-In: Ib4fc8400f184755ee7e971ab5f2095186341730c
(cherry picked from commit 09d49531334ce6bc4ac45de1d3d0edb1495c0566)
core/java/android/database/sqlite/SQLiteDatabase.java diff | blob | history
core/java/android/database/sqlite/SQLiteQueryBuilder.java diff | blob | history
frameworks/base
About OSDN
Find Software
Develop Software
Help