Handling single quote during app control resolution 11/114711/1
authorJunghoon Park <jh9216.park@samsung.com>
Tue, 14 Feb 2017 07:30:04 +0000 (16:30 +0900)
committerJunghoon Park <jh9216.park@samsung.com>
Tue, 14 Feb 2017 13:16:38 +0000 (22:16 +0900)
Change-Id: Ia59873ca475662967169094a2a551aef77787c89
Signed-off-by: Junghoon Park <jh9216.park@samsung.com>
src/service_db.c

index 93302cc..ae92c1a 100755 (executable)
@@ -619,34 +619,32 @@ int _svc_db_get_list_with_all_defapps(GSList **pkg_list, uid_t uid)
 
 char *_svc_db_query_builder_add(char *old_query, char *op, char *uri, char *mime, bool collate)
 {
-       char query[QUERY_MAX_LEN];
+       char *query;
+       char *q;
 
        if (collate) {
                if (old_query) {
-                       snprintf(query, QUERY_MAX_LEN,
-                               "%s, '%s|%s|%s'",
+                       query = sqlite3_mprintf("%s, '%q|%q|%q'",
                                old_query, op, uri, mime);
                        free(old_query);
                } else {
-                       snprintf(query, QUERY_MAX_LEN,
-                               "'%s|%s|%s'",
+                       query = sqlite3_mprintf("'%q|%q|%q'",
                                op, uri, mime);
                }
-
        } else {
                if (old_query) {
-                       snprintf(query, QUERY_MAX_LEN,
-                               "%s OR ac.app_control like '%%%s|%s|%s%%' ",
+                       query = sqlite3_mprintf("%s OR ac.app_control like '%%%q|%q|%q%%' ",
                                old_query, op, uri, mime);
                        free(old_query);
                } else {
-                       snprintf(query, QUERY_MAX_LEN,
-                       "ac.app_control like '%%%s|%s|%s%%' ",
+                       query = sqlite3_mprintf("ac.app_control like '%%%q|%q|%q%%' ",
                        op, uri, mime);
                }
        }
 
-       return strdup(query);
+       q = strdup(query);
+       sqlite3_free(query);
+       return q;
 }
 
 char *_svc_db_query_builder_or(char *q1, char *q2)
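Review bot: The result of `sqlite3_mprintf()` goes straight into `strdup(query)` at the end of `_svc_db_query_builder_add`, but `sqlite3_mprintf()` returns NULL when allocation fails and `strdup(NULL)` is undefined behaviour; add `if (query == NULL) return NULL;` before the `strdup` call. Separately, `%q` only doubles single quotes, so in the two non-collate branches any `%` or `_` inside `op`, `uri` or `mime` still acts as a LIKE wildcard and can widen the match beyond the intended app_control entry. If those values can come from a caller-supplied request (not visible in this hunk), escape the wildcards and add an `ESCAPE` clause to the pattern. A comment above the function stating the ownership contract would also help, e.g. `/* Takes ownership of old_query; returns a malloc'd string the caller must free(), or NULL on allocation failure. */`.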