From c7f32b59cad3951b3543bf3f6c700abb2a8b2241 Mon Sep 17 00:00:00 2001
From: Sangyoon Jang <jeremy.jang@samsung.com>
Date: Tue, 19 Mar 2019 17:40:43 +0900
Subject: [PATCH] Fix a bug when retrieving package dependency info

Change-Id: I05e53fd8d9ef32dc0049304b824ed1688771202b
Signed-off-by: Sangyoon Jang <jeremy.jang@samsung.com>
---
 src/pkgmgrinfo_pkginfo.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/pkgmgrinfo_pkginfo.c b/src/pkgmgrinfo_pkginfo.c
index 6d7dbfa..a8ba178 100644
--- a/src/pkgmgrinfo_pkginfo.c
+++ b/src/pkgmgrinfo_pkginfo.c
@@ -311,14 +311,22 @@ static int _pkginfo_get_appdefined_privilege(sqlite3 *db, const char *pkgid,
 static int _pkginfo_get_dependency(sqlite3 *db, const char *pkgid,
 		GList **dependencies)
 {
-	static const char query[] =
+	static const char query_raw[] =
 		"SELECT DISTINCT depends_on, type, required_version "
-		"FROM package_dependency_info WHERE package=?";
+		"FROM package_dependency_info WHERE package=%Q";
 	int ret;
+	char *query;
 	sqlite3_stmt *stmt;
 	dependency_x *dependency;
 
+	query = sqlite3_mprintf(query_raw, pkgid);
+	if (query == NULL) {
+		LOGE("out of memory");
+		return PMINFO_R_ERROR;
+	}
+
 	ret = sqlite3_prepare_v2(db, query, strlen(query), &stmt, NULL);
+	sqlite3_free(query);
 	if (ret != SQLITE_OK) {
 		LOGE("prepare failed: %s", sqlite3_errmsg(db));
 		return PMINFO_R_ERROR;
-- 
2.7.4