Commit 136692bd authored by Committed by android-build-team Robot
DO NOT MERGE. Extend SQLiteQueryBuilder for update and delete.
Developers often accept selection clauses from untrusted code, and SQLiteQueryBuilder already supports a "strict" mode to help catch SQL injection attacks. This change extends the builder to support update() and delete() calls, so that we can help secure those selection clauses too. Bug: 111085900 Test: atest packages/providers/DownloadProvider/tests/ Test: atest cts/tests/app/src/android/app/cts/DownloadManagerTest.java Test: atest cts/tests/tests/database/src/android/database/sqlite/cts/SQLiteQueryBuilderTest.java Change-Id: Ib4fc8400f184755ee7e971ab5f2095186341730c Merged-In: Ib4fc8400f184755ee7e971ab5f2095186341730c (cherry picked from commit 09d49531)
Showing with 218 additions and 30 deletions
This diff is collapsed.