authorshubang <shubang@google.com>2019-06-26 16:21:25 -0700
committerShubang Lu <shubang@google.com>2019-07-10 21:19:07 +0000
commitc0d75ee14d652c9d4406da629f871c068ba25851 (patch)
tree2151d964f5f8597b131c77472c60c9d3d8482b76
parent9568e47fca356983797e67cd662f8c080ef50362 (diff)
Handle unrecognized columns and avoid SQL injection
Bug:135269669 Test: atest com.android.providers.tv Change-Id: I6445fb22501e8ee2aeb6901b32cb03e971c14211 (cherry picked from commit d817260cae81eee3ea18fe6b8f69c32ba070ea6e) (cherry picked from commit 7b2b1fba39aeb61b67b29cdb8d4780afc817ac2e)
-rw-r--r--src/com/android/providers/tv/TvProvider.java13
1 files changed, 9 insertions, 4 deletions
diff --git a/src/com/android/providers/tv/TvProvider.java b/src/com/android/providers/tv/TvProvider.java
index e8543a2..cf16ded 100644
--- a/src/com/android/providers/tv/TvProvider.java
+++ b/src/com/android/providers/tv/TvProvider.java
@@ -118,7 +118,6 @@ public class TvProvider extends ContentProvider {
private static final String OP_UPDATE = "update";
private static final String OP_DELETE = "delete";
-
private static final UriMatcher sUriMatcher;
private static final int MATCH_CHANNEL = 1;
private static final int MATCH_CHANNEL_ID = 2;
@@ -1605,9 +1604,15 @@ public class TvProvider extends ContentProvider {
}
Map<String, String> columnProjectionMap = new HashMap<>();
for (String columnName : projection) {
- // Value NULL will be provided if the requested column does not exist in the database.
- columnProjectionMap.put(columnName,
- projectionMap.getOrDefault(columnName, "NULL as " + columnName));
+ String value = projectionMap.get(columnName);
+ if (value != null) {
+ columnProjectionMap.put(columnName, value);
+ } else {
+ // Value NULL will be provided if the requested column does not exist in the
+ // database.
+ value = "NULL AS " + DatabaseUtils.sqlEscapeString(columnName);
+ columnProjectionMap.put(columnName, value);
+ }
}
return columnProjectionMap;
}
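Review bot: In the new else branch, `DatabaseUtils.sqlEscapeString(columnName)` quotes the name as a SQL string literal (single quotes, embedded `'` doubled) rather than as an identifier, so the alias is only valid because SQLite accepts a single-quoted token where an identifier is expected. That closes the injection path, but the dependency on SQLite's leniency should be stated in the comment, or the alias should use identifier quoting, e.g. `value = "NULL AS \"" + columnName.replace("\"", "\"\"") + "\"";`. As a style point, both branches end in the same `columnProjectionMap.put(columnName, value);`, which could be a single call after the if/else. The enclosing method starts above this hunk, so whether `projection` entries are validated or can be null before reaching this loop is not visible here.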