keejef
/
session-android
mirror of https://github.com/oxen-io/session-android
1
0
Fork 0
Code Issues 1 Projects Releases Wiki Activity

Prevent us from sql injecting ourselves on backup/restore

Browse Source 
Fixes #7478
pull/1/head
Moxie Marlinspike 7 years ago
parent 9fb67b9f03
commit a2d04f4806
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File

2
src/org/thoughtcrime/securesms/backup/FullBackupExporter.java
Unescape Escape View File

@ -143,7 +143,7 @@ public class FullBackupExporter extends FullBackupBase {
for (int i=0;i<cursor.getColumnCount();i++) {
if (cursor.getType(i) == Cursor.FIELD_TYPE_STRING) {
statement.append('\'');
statement.append(cursor.getString(i));
statement.append(cursor.getString(i).replace("'", "\\'"));
statement.append('\'');
} else if (cursor.getType(i) == Cursor.FIELD_TYPE_FLOAT) {
statement.append(cursor.getFloat(i));

Write Preview
Loading…
Cancel
Save