Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / packages / providers / MediaProvider / 70e7eae2da6684b884a6d88cd72057c8dc8cba6a
commit70e7eae2da6684b884a6d88cd72057c8dc8cba6a[log] [tgz]
authorSahana Rao <sahanas@google.com>Tue Apr 28 19:15:56 2020 +0100
committerSahana Rao <sahanas@google.com>Tue Apr 28 20:19:41 2020 +0100
treeaa8c4c4cd5a68eb92c02037b3a24d75677df7468
parent76bdc0727a13c253e73d6f159cda92e4b571a769 [diff]
Escape single quote character while binding selection args.

Selection args may include single quotes and appending them as it is
may cause sql injection.

Changed bindSelection to escape single quote character.

Test: DatabaseUtilsTest#testBindSelection_singleQuoteCharacter
Bug: 154189383
Change-Id: I2d6e7c4a9026fd47a9ef839ba29bec0b024ca745
2 files changed
tree: aa8c4c4cd5a68eb92c02037b3a24d75677df7468
  1. apex/
  2. jni/
  3. legacy/
  4. res/
  5. src/
  6. tests/
  7. tools/
  8. .clang-format
  9. Android.bp
  10. AndroidManifest.xml
  11. CleanSpec.mk
  12. deploy.sh
  13. gen_strings.py
  14. logging.sh
  15. MODULE_LICENSE_APACHE2
  16. NOTICE
  17. OWNERS
  18. PREUPLOAD.cfg
  19. proguard.flags
  20. sqlite3.sh
  21. TEST_MAPPING
  22. trace.sh