Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 790ac852b365ab77a895da9b48f925caf8fde729
commit790ac852b365ab77a895da9b48f925caf8fde729[log] [tgz]
authorTom Taylor <tomtaylor@google.com>Tue Oct 14 13:38:17 2014 -0700
committerTom Taylor <tomtaylor@google.com>Tue Oct 14 21:45:22 2014 +0000
tree8af4d58c241e6601d1a1c4e089a3cfef07f9bdc1
parent4f89e3b215c731a34b3ab8c300539f96e3f22459 [diff]
Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager

Bug 17969135 

Use query (instead of rawQuery) and pass in arguments instead of building
the query with a giant string. Add a unit test that fails with the old
code but passes with the new code.

Change-Id: Id04a1db6fb95fcd923e1f36f5ab3b94402590918
2 files changed
tree: 8af4d58c241e6601d1a1c4e089a3cfef07f9bdc1
  1. api/
  2. cmds/
  3. core/
  4. data/
  5. docs/
  6. drm/
  7. graphics/
  8. include/
  9. keystore/
  10. libs/
  11. location/
  12. media/
  13. native/
  14. nfc-extras/
  15. obex/
  16. opengl/
  17. packages/
  18. policy/
  19. rs/
  20. samples/
  21. sax/
  22. services/
  23. telecomm/
  24. telephony/
  25. test-runner/
  26. tests/
  27. tools/
  28. wifi/
  29. Android.mk
  30. CleanSpec.mk
  31. MODULE_LICENSE_APACHE2
  32. NOTICE
  33. preloaded-classes