Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2025-02-23 10:54:33 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 423159 ? WARNING: Unsafe use of LIKE detected! (for mak77@supereva.it, r=dietrich)

Browse Source
This commit is contained in:
dietrich@mozilla.com 2008-03-26 20:34:07 -07:00
parent 492d3c524e
commit 188423e517
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
toolkit/components/places/src/nsNavHistory.cpp
View File

@ -4390,10 +4390,19 @@ nsNavHistory::OnIdle()
nsCOMPtr<mozIStorageStatement> detectBogusIndex;
rv = mDBConn->CreateStatement(NS_LITERAL_CSTRING(
"SELECT name FROM sqlite_master WHERE type = 'index' AND "
"name = 'moz_places_visitcount' AND sql LIKE '%rev_host%'"),
"name = 'moz_places_visitcount' AND sql LIKE ?1 ESCAPE '/'"),
getter_AddRefs(detectBogusIndex));
NS_ENSURE_SUCCESS(rv, rv);
nsAutoString escapedString;
rv = detectBogusIndex->EscapeStringForLIKE(NS_LITERAL_STRING("rev_host"),
'/', escapedString);
NS_ENSURE_SUCCESS(rv, rv);
rv = detectBogusIndex->BindStringParameter(0, NS_LITERAL_STRING("%") +
escapedString +
NS_LITERAL_STRING("%"));
NS_ENSURE_SUCCESS(rv, rv);
PRBool hasResult;
rv = detectBogusIndex->ExecuteStep(&hasResult);
NS_ENSURE_SUCCESS(rv, rv);