DO NOT MERGE Fix the remaining holes for access to APN data

Add the following checks for preventing unauthorized access to the APN
username and password fields in the carrier db:
1. Check the query for sensitive fields no matter what URI is being
queried
2. Perform a case-insensitive search for sensitive fields
3. Always check the permission for accessing username/password if any
part of the query contains a subquery (detected via looking for the
"select" token).

Bug: 138802882
Test: CTS
Change-Id: I59b297642d2000dde0a83f77b20112c7382b7ef1
(cherry picked from commit 30a633ac17b2a6f35068cbb57c8f12c5c683b5f6)
1 file changed