Gitiles
Code Review Sign In
review.blissroms.org / platform_packages_providers_TelephonyProvider / 1e324464f36eff033af64099fe6bb6a7d1ab0463
commit1e324464f36eff033af64099fe6bb6a7d1ab0463[log] [tgz]
authorHall Liu <hallliu@google.com>Wed Jul 17 15:51:07 2019 -0700
committerHall Liu <hallliu@google.com>Wed Jul 24 01:03:41 2019 +0000
tree56ff201bb1178c7f91773b3e5bb559c77356450e
parent9a74213831bac05c1bbc3183ab8e2f182e5e50cb [diff]
Examine sort field for sensitive fields

Like with the selection field, the sort field poses a risk for SQL
injection attacks that can expose sensitive information. Filter the
supplied sort argument for sensitive fields and check permissions if
it contains any.

Bug: 135268868
Test: CTS
Change-Id: I3ded273feca374410bbe33312e5148ff5096975c
Merged-In: I3ded273feca374410bbe33312e5148ff5096975c
Merged-In: Ia7be0ecdfca5e7adf6163dc015a413a98f1b9287
1 file changed
tree: 56ff201bb1178c7f91773b3e5bb559c77356450e
  1. res/
  2. src/
  3. tests/
  4. Android.mk
  5. AndroidManifest.xml
  6. CleanSpec.mk
  7. MODULE_LICENSE_APACHE2
  8. NOTICE