RESTRICT AUTOMERGE Strict SQLiteQueryBuilder needs to be stricter. (0e66ea6f) · Commits · Android-smartphones / realme / realme 5pro / kaderbava / frameworks_base

Commit 0e66ea6f authored Jul 16, 2019 by Jeff Sharkey Committed by Bryan Ferris Sep 10, 2019

RESTRICT AUTOMERGE Strict SQLiteQueryBuilder needs to be stricter.

Malicious callers can leak side-channel information by using
subqueries in any untrusted inputs where SQLite allows "expr" values.

This change offers setStrictGrammar() to prevent this by outright
blocking subqueries in WHERE and HAVING clauses, and by requiring
that GROUP BY and ORDER BY clauses be composed only of valid columns.

This change also offers setStrictColumns() to require that all
untrusted column names are valid, such as those in ContentValues.

Relaxes to always allow aggregation operators on returned columns,
since untrusted callers can always calculate these manually.

Bug: 135270103, 135269143
Test: atest android.database.sqlite.cts.SQLiteQueryBuilderTest
Test: atest FrameworksCoreTests:android.database.sqlite.SQLiteTokenizerTest
Change-Id: I0dacb53170ce573a2fe103cbff455782bfdb5d41

parent 13f49c42

Expand all Hide whitespace changes

Inline Side-by-side

Please register or to comment