ecf038d6ffb92810ba087da6e0cc81e095e083b2 - platform_packages_providers_TelephonyProvider

commit	ecf038d6ffb92810ba087da6e0cc81e095e083b2	[log] [tgz]
author	Hall Liu <hallliu@google.com>	Wed Jul 17 15:51:07 2019 -0700
committer	Hall Liu <hallliu@google.com>	Wed Jul 17 17:40:15 2019 -0700
tree	e00f420381b127ab7a040d5b0554aff272aacafd
parent	cf1ea8f8689eac07af267c56af24817dba1b3a95 [diff]

DO NOT MERGE Examine sort field for sensitive fields

Like with the selection field, the sort field poses a risk for SQL
injection attacks that can expose sensitive information. Filter the
supplied sort argument for sensitive fields and check permissions if
it contains any.

Bug: 135268868
Test: CTS
Change-Id: I3ded273feca374410bbe33312e5148ff5096975c

src/com/android/providers/telephony/TelephonyProvider.java[diff]

1 file changed

tree: e00f420381b127ab7a040d5b0554aff272aacafd

assets/
res/
src/
tests/
Android.bp
AndroidManifest.xml
CleanSpec.mk
MODULE_LICENSE_APACHE2
NOTICE
OWNERS