Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / bfb7ffeb3e240784c1ea2a50187c120e6445b20e
commitbfb7ffeb3e240784c1ea2a50187c120e6445b20e[log] [tgz]
authorTom Taylor <tomtaylor@google.com>Wed Oct 15 09:45:39 2014 -0700
committerTom Taylor <tomtaylor@google.com>Wed Oct 15 09:45:39 2014 -0700
tree550dff25f209681ffc502ab9b06268a587c33f98
parent27d3b9264e2dcfb86400a60891a5e39cdf027d55 [diff]
Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager

Bug 17969135

Use query (instead of rawQuery) and pass in arguments instead of building
the query with a giant string. Add a unit test that fails with the old
code but passes with the new code.

Change-Id: Id04a1db6fb95fcd923e1f36f5ab3b94402590918
2 files changed
tree: 550dff25f209681ffc502ab9b06268a587c33f98
  1. api/
  2. cmds/
  3. core/
  4. data/
  5. docs/
  6. drm/
  7. graphics/
  8. icu4j/
  9. include/
  10. keystore/
  11. libs/
  12. location/
  13. media/
  14. native/
  15. nfc-extras/
  16. obex/
  17. opengl/
  18. packages/
  19. policy/
  20. samples/
  21. sax/
  22. services/
  23. telephony/
  24. test-runner/
  25. tests/
  26. tools/
  27. voip/
  28. wifi/
  29. Android.mk
  30. CleanSpec.mk
  31. MODULE_LICENSE_APACHE2
  32. NOTICE
  33. preloaded-classes