зеркало из https://github.com/mozilla/gecko-dev.git
Bug 423159 ? WARNING: Unsafe use of LIKE detected! (for mak77@supereva.it, r=dietrich)
This commit is contained in:
dietrich@mozilla.com
Родитель
492d3c524e
Коммит
188423e517
|
|
@ -4390,10 +4390,19 @@ nsNavHistory::OnIdle()
|
||||||
nsCOMPtr<mozIStorageStatement> detectBogusIndex;
|
nsCOMPtr<mozIStorageStatement> detectBogusIndex;
|
||||||
rv = mDBConn->CreateStatement(NS_LITERAL_CSTRING(
|
rv = mDBConn->CreateStatement(NS_LITERAL_CSTRING(
|
||||||
"SELECT name FROM sqlite_master WHERE type = 'index' AND "
|
"SELECT name FROM sqlite_master WHERE type = 'index' AND "
|
||||||
"name = 'moz_places_visitcount' AND sql LIKE '%rev_host%'"),
|
"name = 'moz_places_visitcount' AND sql LIKE ?1 ESCAPE '/'"),
|
||||||
getter_AddRefs(detectBogusIndex));
|
getter_AddRefs(detectBogusIndex));
|
||||||
NS_ENSURE_SUCCESS(rv, rv);
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
|
|
||||||
|
nsAutoString escapedString;
|
||||||
|
rv = detectBogusIndex->EscapeStringForLIKE(NS_LITERAL_STRING("rev_host"),
|
||||||
|
'/', escapedString);
|
||||||
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
|
rv = detectBogusIndex->BindStringParameter(0, NS_LITERAL_STRING("%") +
|
||||||
|
escapedString +
|
||||||
|
NS_LITERAL_STRING("%"));
|
||||||
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
|
|
||||||
PRBool hasResult;
|
PRBool hasResult;
|
||||||
rv = detectBogusIndex->ExecuteStep(&hasResult);
|
rv = detectBogusIndex->ExecuteStep(&hasResult);
|
||||||
NS_ENSURE_SUCCESS(rv, rv);
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
|
|
|
||||||
Загрузка…
Ссылка в новой задаче