Closed
Bug 395974
Opened 17 years ago
Closed 16 years ago
our storage unit tests cause "WARNING: Unsafe use of LIKE detected!" warnings
Categories
(Toolkit :: Storage, defect)
Toolkit
Storage
Tracking
()
RESOLVED
FIXED
mozilla1.9beta5
People
(Reporter: moco, Assigned: ondrej)
References
Details
Attachments
(1 file)
5.25 KB,
patch
|
sdwilsh
:
review+
|
Details | Diff | Splinter Review |
our storage unit tests cause "WARNING: Unsafe use of LIKE detected!" warnings WARNING: Unsafe use of LIKE detected! Please ensure that you are usi ng mozIStorageConnection::escapeStringForLIKE and that you are binding that result to the statement to prevent SQL injection attacks.: file c:/builds/trunk/mozilla/storage/src/mozStorageStatement.cpp, line 175 for example: var stmt = createStatement("SELECT x FROM t1 WHERE x LIKE 'abc';"); shawn writes: Yeah, I noticed that when I had some failed tests too ;) We could properly bind the parameters, but at the same time, we don't need to here, so I'm rather indifferent. I wrote: given that we have this this warning on usage usuage change, and that people tend to copy and paste code (even from tests), I think we should fix it. but it is not a high priority.
Comment 1•17 years ago
|
||
I'm still indifferent - I don't expect people to copy that test file's syntax, but I could be wrong :/
Assignee | ||
Updated•16 years ago
|
Assignee: nobody → ondrej
Assignee | ||
Comment 2•16 years ago
|
||
I found this bug when analyzing 419642 and removing false warnings there. So I decided to fix this too.
Attachment #307465 -
Flags: review?(sdwilsh)
Assignee | ||
Comment 3•16 years ago
|
||
Should I nominate this or is it not necessary?
Status: NEW → ASSIGNED
Flags: blocking1.9?
Comment 4•16 years ago
|
||
Comment on attachment 307465 [details] [diff] [review] Bind the value to avoid WARNING (In reply to comment #3) > Should I nominate this or is it not necessary? Don't bother - it's tests so you can land it without approval even. Looks like our unicode tests were already done this way - yay! r=sdwilsh
Attachment #307465 -
Flags: review?(sdwilsh) → review+
Assignee | ||
Updated•16 years ago
|
Keywords: checkin-needed
Comment 5•16 years ago
|
||
Checking in storage/test/unit/test_like.js; /cvsroot/mozilla/storage/test/unit/test_like.js,v <-- test_like.js new revision: 1.3; previous revision: 1.2 done
Status: ASSIGNED → RESOLVED
Closed: 16 years ago
Keywords: checkin-needed
Resolution: --- → FIXED
Target Milestone: --- → mozilla1.9beta5
Assignee | ||
Updated•16 years ago
|
Flags: blocking1.9?
You need to log in
before you can comment on or make changes to this bug.
Description
•