Changeset 122328 in webkit
- Timestamp:
- Jul 11, 2012 6:44:48 AM (12 years ago)
- Location:
- trunk/Source/WebCore
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebCore/ChangeLog
r122327 r122328 1 2012-07-11 Jason Liu <jason.liu@torchmobile.com.cn> 2 3 [BlackBerry] crash in CookieDatabaseBackingStore. 4 https://bugs.webkit.org/show_bug.cgi?id=90270 5 6 Reviewed by George Staikos. 7 8 There is one case for this crash. 9 1. A browser crashes and locks cookies' database for a while. 10 2. Open a new browser when the old one doesn't finish crashing. 11 3. The new one writes the cookies' database and receives a SQLITE_BUSY error 12 in CookieDatabaseBackingStore's invokeOpen. So this database isn't opened. 13 4. invokeGetCookiesWithLimit returns 0. 14 5. Crash happens when using a null pointer. 15 16 Add function setBusyTimeout(1000) and a guard for cookies' pointer. 17 setBusyTimeout will call sqlite3_busy_timeout. 18 19 When the SQLite database is accessed for reading it is locked for writing 20 until the reading access is finished. Another process cannot access the database 21 while it is locked. The timeout time sets a limit while this process tries to access 22 the locked database. If the database is unlocked within the timeout time it can be 23 accessed, otherwise an access fails. 24 25 No new tests. This crash is hard to reproduce, and it happens only on our platform. 26 27 * platform/blackberry/CookieDatabaseBackingStore/CookieDatabaseBackingStore.cpp: 28 (WebCore::CookieDatabaseBackingStore::getCookiesFromDatabase): 29 1 30 2012-07-11 Vsevolod Vlasov <vsevik@chromium.org> 2 31 -
trunk/Source/WebCore/platform/blackberry/CookieDatabaseBackingStore/CookieDatabaseBackingStore.cpp
r114122 r122328 219 219 createTableQuery += " (" + databaseFields + ", " + primaryKeyFields+");"; 220 220 221 m_db.setBusyTimeout(1000); 222 221 223 if (!m_db.executeCommand(createTableQuery)) { 222 224 LOG_ERROR("Could not create the table to store the cookies into. No cookie will be stored!"); … … 347 349 dispatchMessage(createMethodCallMessageWithReturn(&CookieDatabaseBackingStore::invokeGetCookiesWithLimit, &replyBuffer, this, limit)); 348 350 Vector<ParsedCookie*>* cookies = replyBuffer.pointer(); 349 stackOfCookies.swap(*cookies); 351 if (cookies) 352 stackOfCookies.swap(*cookies); 350 353 delete cookies; 351 354 }
Note: See TracChangeset
for help on using the changeset viewer.