Closed Bug 1569236 Opened 5 years ago Closed 5 years ago

sqlList is unsafe

Tracking

()

Status:

RESOLVED FIXED

Milestone:

mozilla70

Iteration:

70.2 - Jul 22 - Aug 4

Tracking Flags:

Tracking

Status

firefox70

---

fixed

People

(Reporter: mak, Assigned: mak)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

Bug 1569236 - bind history and bookmarks IN() clauses for safety reasons. r=Standard8 5 years ago Marco Bonardo [:mak] (deleted), text/x-phabricator-request		Details

Marco Bonardo [:mak]

Assignee

Description

•

5 years ago

our sqlList is unsafe, it just takes strings and puts them toghether in an IN clause. that is breaking badly if a url contains a quote.
Even if it's slower, we should bind.

Marco Bonardo [:mak]

Assignee

Comment 1

•

5 years ago

Attached file Bug 1569236 - bind history and bookmarks IN() clauses for safety reasons. r=Standard8 (deleted) — Details

Marco Bonardo [:mak]

Assignee

Updated

•

5 years ago

Blocks: 1410877

Pulsebot

Comment 2

•

5 years ago

Pushed by mak77@bonardo.net: https://hg.mozilla.org/integration/autoland/rev/f76f8522c4a3 bind history and bookmarks IN() clauses for safety reasons. r=Standard8

Razvan Maries

Comment 3

•

5 years ago

bugherder

https://hg.mozilla.org/mozilla-central/rev/f76f8522c4a3

Status: ASSIGNED → RESOLVED

Closed: 5 years ago

status-firefox70: --- → fixed

Resolution: --- → FIXED

Target Milestone: --- → mozilla70

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

sqlList is unsafe

Categories

(Toolkit :: Places, defect, P2)

Tracking

()

People

(Reporter: mak, Assigned: mak)

References

(Blocks 1 open bug)

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Comment 1

Updated

Comment 2

Comment 3

Attachment

General

Description

File Name

Content Type