)]}'
{
  "commit": "f683c688d5fcd1c178aad2dc154ae5d7b5c60aa9",
  "tree": "b136c0dc668c14ef5b6a31f8e73bf30b9467bd41",
  "parents": [
    "92e5e5e45c171f88cb30d8044e43e40fd5437416"
  ],
  "author": {
    "name": "Jeff Sharkey",
    "email": "jsharkey@android.com",
    "time": "Wed Jul 17 18:51:28 2019 -0600"
  },
  "committer": {
    "name": "Bryan Ferris",
    "email": "bferris@google.com",
    "time": "Wed Sep 11 23:52:37 2019 +0000"
  },
  "message": "RESTRICT AUTOMERGE\nEnable stricter SQLiteQueryBuilder options.\n\nMalicious callers can leak side-channel information by using\nsubqueries in any untrusted inputs where SQLite allows \"expr\" values.\n\nThis change starts using setStrictColumns() and setStrictGrammar()\non SQLiteQueryBuilder to block this class of attacks.  This means we\nnow need to define the projection mapping of valid columns, which\nconsists of both the columns defined in the public API and columns\nread internally by DownloadInfo.Reader.\n\nWe\u0027re okay growing sAppReadableColumnsSet like this, since we\u0027re\nrelying on our trusted WHERE clause to filter away any rows that\ndon\u0027t belong to the calling UID.\n\nRemove the legacy Lexer code, since we\u0027re now internally relying on\nthe robust and well-tested SQLiteTokenizer logic.\n\nBug: 135270103, 135269143\nTest: cts-tradefed run cts -m CtsAppTestCases -t android.app.cts.DownloadManagerTest\nChange-Id: Iec1e8ce18dc4a9564318e0473d9d3863c8c2988a\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "5baaeb30e2335b92fa81ba3cb66518be4fa62345",
      "old_mode": 33188,
      "old_path": "core/java/android/app/DownloadManager.java",
      "new_id": "07595ea8dbda286964e4eb7d940fe074de3779bd",
      "new_mode": 33188,
      "new_path": "core/java/android/app/DownloadManager.java"
    }
  ]
}