Android 9.0.0 release 48
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
DO NOT MERGE. All untrusted selections must go through builder.
When accepting untrusted selections, they must be passed directly
to SQLiteQueryBuilder to ensure that setStrict() can be applied to
check for malicious callers sending unbalanced parentheses. This
means we can't mix local and remote selections; they always need to
be kept separate.
Use newly added SQLiteQueryBuilder functionality to apply strict
detection to update() and delete() calls.
Only allow the owner of a particular download to query the headers
for that download. Only delete headers for a download once we've
confirmed that caller can modify that download.
Test: atest packages/providers/DownloadProvider/tests/
Test: atest cts/tests/app/src/android/app/cts/DownloadManagerTest.java
(cherry picked from commit 64b55ea82b1f394369237601ae1f1c78b776aabc)
1 file changed