Closed Bug 1569236 Opened 4 months ago Closed 4 months ago

sqlList is unsafe

Categories

(Toolkit :: Places, defect, P2)

defect
Points:
2

Tracking

()

RESOLVED FIXED
mozilla70
Iteration:
70.2 - Jul 22 - Aug 4
Tracking Status
firefox70 --- fixed

People

(Reporter: mak, Assigned: mak)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

our sqlList is unsafe, it just takes strings and puts them toghether in an IN clause. that is breaking badly if a url contains a quote.
Even if it's slower, we should bind.

Blocks: 1410877
Pushed by mak77@bonardo.net:
https://hg.mozilla.org/integration/autoland/rev/f76f8522c4a3
bind history and bookmarks IN() clauses for safety reasons. r=Standard8
Status: ASSIGNED → RESOLVED
Closed: 4 months ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla70
You need to log in before you can comment on or make changes to this bug.