commit | 70e7eae2da6684b884a6d88cd72057c8dc8cba6a | [log] [tgz] |
---|---|---|
author | Sahana Rao <sahanas@google.com> | Tue Apr 28 19:15:56 2020 +0100 |
committer | Sahana Rao <sahanas@google.com> | Tue Apr 28 20:19:41 2020 +0100 |
tree | aa8c4c4cd5a68eb92c02037b3a24d75677df7468 | |
parent | 76bdc0727a13c253e73d6f159cda92e4b571a769 [diff] |
Escape single quote character while binding selection args. Selection args may include single quotes and appending them as it is may cause sql injection. Changed bindSelection to escape single quote character. Test: DatabaseUtilsTest#testBindSelection_singleQuoteCharacter Bug: 154189383 Change-Id: I2d6e7c4a9026fd47a9ef839ba29bec0b024ca745