目前我们正在使用未加密的应用程序,但在新版本中,我们正在使用此查询加密我们的数据库
existing_db.rawExecSQL("ATTACH DATABASE '" + newFile.path + "' AS encrypted KEY '" + passphrase + "';")
existing_db.rawExecSQL("SELECT sqlcipher_export('encrypted');")
它工作正常,但是当我们运行渗透测试时,我们遇到了这个高风险问题
There is 'execSQL()' found in file 'defpackage/SQLCipherUtils.java':
[line 50: stringBuilder2.append("';");]
[line 51: openOrCreateDatabase.rawexecSQL(stringBuilder2.toString());]
[line 52: openOrCreateDatabase.rawexecSQL("SELECT sqlcipher_export('encrypted');");]
[line 53: openOrCreateDatabase.rawexecSQL("DETACH DATABASE encrypted;");]
[line 54: int version = openOrCreateDatabase.getVersion();]
但现在我正在尝试这个来保护查询
val attachDB = "ATTACH DATABASE '" + newFile.path + "' AS encrypted KEY '" + passphrase + "';"
sqLiteStatement = existing_db.compileStatement(attachDB);
sqLiteStatement.execute();
val exportDB = "SELECT sqlcipher_export('encrypted');"
sqLiteStatement = existing_db.compileStatement(exportDB);
sqLiteStatement.execute();
但我遇到了这个问题 net.sqlcipher.database.SQLiteException: error code 100: another row available
我也关注了这张票,但无法理解为什么我不能使用这些查询的真正问题 net.sqlcipher.database.SQLiteException:错误代码 100:另一行可用