mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2025-01-05 12:50:48 -05:00
f5da93c4e5
Signed-off-by: Tad <tad@spotco.us>
60 lines
2.2 KiB
Diff
60 lines
2.2 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Kunal Malhotra <malhk@google.com>
|
|
Date: Fri, 2 Jun 2023 23:32:02 +0000
|
|
Subject: [PATCH] Fixing DatabaseUtils to detect malformed UTF-16 strings
|
|
|
|
Test: tested with POC in bug, also using atest
|
|
Bug: 224771621
|
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:fb4a72e3943d166088407e61aa4439ac349f3f12)
|
|
Merged-In: Ide65205b83063801971c5778af3154bcf3f0e530
|
|
Change-Id: Ide65205b83063801971c5778af3154bcf3f0e530
|
|
---
|
|
core/java/android/database/DatabaseUtils.java | 32 +++++++++++++------
|
|
1 file changed, 23 insertions(+), 9 deletions(-)
|
|
|
|
diff --git a/core/java/android/database/DatabaseUtils.java b/core/java/android/database/DatabaseUtils.java
|
|
index 8cd3d7b5bc68..534adcd0a37f 100644
|
|
--- a/core/java/android/database/DatabaseUtils.java
|
|
+++ b/core/java/android/database/DatabaseUtils.java
|
|
@@ -337,17 +337,31 @@ public class DatabaseUtils {
|
|
*/
|
|
public static void appendEscapedSQLString(StringBuilder sb, String sqlString) {
|
|
sb.append('\'');
|
|
- if (sqlString.indexOf('\'') != -1) {
|
|
- int length = sqlString.length();
|
|
- for (int i = 0; i < length; i++) {
|
|
- char c = sqlString.charAt(i);
|
|
- if (c == '\'') {
|
|
- sb.append('\'');
|
|
+ int length = sqlString.length();
|
|
+ for (int i = 0; i < length; i++) {
|
|
+ char c = sqlString.charAt(i);
|
|
+ if (Character.isHighSurrogate(c)) {
|
|
+ if (i == length - 1) {
|
|
+ continue;
|
|
+ }
|
|
+ if (Character.isLowSurrogate(sqlString.charAt(i + 1))) {
|
|
+ // add them both
|
|
+ sb.append(c);
|
|
+ sb.append(sqlString.charAt(i + 1));
|
|
+ continue;
|
|
+ } else {
|
|
+ // this is a lone surrogate, skip it
|
|
+ continue;
|
|
}
|
|
- sb.append(c);
|
|
}
|
|
- } else
|
|
- sb.append(sqlString);
|
|
+ if (Character.isLowSurrogate(c)) {
|
|
+ continue;
|
|
+ }
|
|
+ if (c == '\'') {
|
|
+ sb.append('\'');
|
|
+ }
|
|
+ sb.append(c);
|
|
+ }
|
|
sb.append('\'');
|
|
}
|
|
|