Gitiles
Code Review Sign In
review.blissroms.org / platform_frameworks_base / bc57a1f81317f765865e3e0c00d3421a3084955e
commitbc57a1f81317f765865e3e0c00d3421a3084955e[log] [tgz]
authorTom Taylor <tomtaylor@google.com>Tue Oct 14 13:38:17 2014 -0700
committerTom Taylor <tomtaylor@google.com>Tue Oct 14 16:49:57 2014 -0700
tree1ecfc6927fe255aff717a211100a5b2e5808ecaf
parent528b58623feee609055a31e58bf5e1ea3658bf40 [diff]
Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager

Bug 17969135

Use query (instead of rawQuery) and pass in arguments instead of building
the query with a giant string. Add a unit test that fails with the old
code but passes with the new code.

Change-Id: Id04a1db6fb95fcd923e1f36f5ab3b94402590918
2 files changed
tree: 1ecfc6927fe255aff717a211100a5b2e5808ecaf
  1. api/
  2. cmds/
  3. core/
  4. data/
  5. docs/
  6. drm/
  7. graphics/
  8. include/
  9. keystore/
  10. libs/
  11. location/
  12. media/
  13. native/
  14. nfc-extras/
  15. obex/
  16. opengl/
  17. packages/
  18. policy/
  19. samples/
  20. sax/
  21. services/
  22. telephony/
  23. test-runner/
  24. tests/
  25. tools/
  26. wifi/
  27. Android.mk
  28. CleanSpec.mk
  29. MODULE_LICENSE_APACHE2
  30. NOTICE
  31. preloaded-classes