From c328091dbea3b786282b77dd3ab244b85c6cb31d Mon Sep 17 00:00:00 2001 From: hj kim Date: Thu, 16 May 2019 17:04:05 +0900 Subject: [PATCH] Modify code not to send sqlite query directly regarding the metadata Change-Id: I1620a1a80b8b084cadbcc1a6bc16f6ffc4de0d16 --- src/media_controller_db.c | 21 +++++++++++++++------ svc/media_controller_db_util.c | 20 ++++++++++++++++++-- 2 files changed, 33 insertions(+), 8 deletions(-) diff --git a/src/media_controller_db.c b/src/media_controller_db.c index e4756d7..9fc7968 100644 --- a/src/media_controller_db.c +++ b/src/media_controller_db.c @@ -233,19 +233,28 @@ int mc_db_update_whole_metadata(const char *server_name, const char *copyright, const char *description, const char *track_num, const char *picture, const char *season, const char *episode, const char *resolution) { int ret = MEDIA_CONTROLLER_ERROR_NONE; - char *_query = NULL; char *sql_str = NULL; mc_retvm_if(!server_name, MEDIA_CONTROLLER_ERROR_INVALID_PARAMETER, "Invalid server_name"); - _query = sqlite3_mprintf("UPDATE '%q' SET title=%Q, artist=%Q, album=%Q, author=%Q, genre=%Q, duration=%Q, date=%Q, copyright=%Q, description=%Q, track_num=%Q, picture=%Q, season=%Q, episode=%Q, resolution=%Q;", - server_name, title, artist, album, author, genre, duration, date, copyright, description, track_num, picture, season, episode, resolution); - - sql_str = g_strdup_printf("%s%s%s", MC_DB_CMD_UPDATE_META, MC_STRING_DELIMITER, _query); + sql_str = g_strdup_printf("%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s", MC_DB_CMD_UPDATE_META, MC_STRING_DELIMITER, server_name, MC_STRING_DELIMITER, + title, MC_STRING_DELIMITER, + artist, MC_STRING_DELIMITER, + album, MC_STRING_DELIMITER, + author, MC_STRING_DELIMITER, + genre, MC_STRING_DELIMITER, + duration, MC_STRING_DELIMITER, + date, MC_STRING_DELIMITER, + copyright, MC_STRING_DELIMITER, + description, MC_STRING_DELIMITER, + track_num, MC_STRING_DELIMITER, + picture, MC_STRING_DELIMITER, + season, MC_STRING_DELIMITER, + episode, MC_STRING_DELIMITER, + resolution); ret = __mc_db_update_db(MC_PRIV_TYPE_SERVER, sql_str); - SQLITE3_SAFE_FREE(_query); MC_SAFE_FREE(sql_str); return ret; diff --git a/svc/media_controller_db_util.c b/svc/media_controller_db_util.c index 1022bca..7a86c52 100644 --- a/svc/media_controller_db_util.c +++ b/svc/media_controller_db_util.c @@ -575,6 +575,18 @@ int mc_db_util_init_latest_server_table(void *handle) return ret; } +/* g_strdup_printf replaces NULL to "(null)"*/ +static const char * __replace_null(const char *data) +{ + const char *_null_str = "(null)"; + mc_retvm_if(!data, NULL, "invalid data"); + + if (!strncmp(_null_str, data, strlen(_null_str))) + return NULL; + else + return data; +} + int mc_db_parse_and_update_db(uid_t uid, const char *data, int data_size) { int ret = MEDIA_CONTROLLER_ERROR_NONE; @@ -620,8 +632,12 @@ int mc_db_parse_and_update_db(uid_t uid, const char *data, int data_size) } } else if (strncmp(MC_DB_CMD_UPDATE_META, params[0], strlen(MC_DB_CMD_UPDATE_META)) == 0) { - sql_str = params[1]; - is_query_from_client = TRUE; + sql_str = sqlite3_mprintf("UPDATE '%q' SET title=%Q, artist=%Q, album=%Q, author=%Q, genre=%Q, duration=%Q, date=%Q, copyright=%Q, description=%Q, track_num=%Q, picture=%Q, season=%Q, episode=%Q, resolution=%Q", + params[1], + __replace_null(params[2]), __replace_null(params[3]), __replace_null(params[4]), __replace_null(params[5]), + __replace_null(params[6]), __replace_null(params[7]), __replace_null(params[8]), __replace_null(params[9]), + __replace_null(params[10]), __replace_null(params[11]), __replace_null(params[12]), __replace_null(params[13]), + __replace_null(params[14]), __replace_null(params[15])); } else if (strncmp(MC_DB_CMD_UPDATE_SHUFFLE, params[0], strlen(MC_DB_CMD_UPDATE_SHUFFLE)) == 0) { if (params[2] == NULL) { -- 2.7.4