Google Git
Sign in
android / platform / frameworks / base / 48ed835468c6235905459e6ef7df032baf3e4df6
commit48ed835468c6235905459e6ef7df032baf3e4df6[log] [tgz]
authorTom Taylor <tomtaylor@google.com>Wed Oct 15 10:20:17 2014 -0700
committerTom Taylor <tomtaylor@google.com>Wed Oct 15 10:20:17 2014 -0700
tree5357d048b894a0077381dd84c5510211eda975b9
parent8e0297155075f9772dd6e8b8194da074dca008f8 [diff]
Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager

Bug 17969135

Use query (instead of rawQuery) and pass in arguments instead of building
the query with a giant string. Add a unit test that fails with the old
code but passes with the new code.

Change-Id: Id04a1db6fb95fcd923e1f36f5ab3b94402590918
2 files changed
tree: 5357d048b894a0077381dd84c5510211eda975b9
  1. api/
  2. cmds/
  3. core/
  4. data/
  5. docs/
  6. drm/
  7. graphics/
  8. include/
  9. keystore/
  10. libs/
  11. location/
  12. media/
  13. native/
  14. nfc-extras/
  15. obex/
  16. opengl/
  17. packages/
  18. policy/
  19. rs/
  20. samples/
  21. sax/
  22. services/
  23. telecomm/
  24. telephony/
  25. test-runner/
  26. tests/
  27. tools/
  28. wifi/
  29. Android.mk
  30. CleanSpec.mk
  31. MODULE_LICENSE_APACHE2
  32. NOTICE
  33. preloaded-classes