Changeset 202822 in webkit

Timestamp:

Jul 5, 2016 11:05:31 AM (8 years ago)

Author:

beidson@apple.com

Message:

Database process crashes deleting a corrupt SQLite database file (null deref).
​https://bugs.webkit.org/show_bug.cgi?id=155506.

Reviewed by Alex Christensen.

Source/WebCore:

Covered by new API test.

• Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:

(WebCore::IDBServer::SQLiteIDBBackingStore::deleteBackingStore): Null check.

Tools:

• TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
• TestWebKitAPI/Tests/WebKit2Cocoa/IDBDeleteRecovery.html: Added.
• TestWebKitAPI/Tests/WebKit2Cocoa/IDBDeleteRecovery.mm: Added.
• TestWebKitAPI/Tests/WebKit2Cocoa/IDBDeleteRecovery.sqlite3: Added.
• TestWebKitAPI/Tests/WebKit2Cocoa/IDBDeleteRecovery.sqlite3-shm: Added.
• TestWebKitAPI/Tests/WebKit2Cocoa/IDBDeleteRecovery.sqlite3-wal: Added.

Location:

trunk

Files:

• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/Modules/indexeddb/server/SQLiteIDBBackingStore.cpp (modified) (1 diff)
• Tools/ChangeLog (modified) (1 diff)
• Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj (modified) (6 diffs)
• Tools/TestWebKitAPI/Tests/WebKit2Cocoa/IDBDeleteRecovery.html (added)
• Tools/TestWebKitAPI/Tests/WebKit2Cocoa/IDBDeleteRecovery.mm (added)
• Tools/TestWebKitAPI/Tests/WebKit2Cocoa/IDBDeleteRecovery.sqlite3 (added)
• Tools/TestWebKitAPI/Tests/WebKit2Cocoa/IDBDeleteRecovery.sqlite3-shm (added)
• Tools/TestWebKitAPI/Tests/WebKit2Cocoa/IDBDeleteRecovery.sqlite3-wal (added)

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2016-07-05  Brady Eidson  <beidson@apple.com>
+
+        Database process crashes deleting a corrupt SQLite database file (null deref).
+        https://bugs.webkit.org/show_bug.cgi?id=155506.
+
+        Reviewed by Alex Christensen.
+
+        Covered by new API test.
+
+        * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
+        (WebCore::IDBServer::SQLiteIDBBackingStore::deleteBackingStore): Null check.
+
 2016-07-05  Brady Eidson  <beidson@apple.com>
 

trunk/Source/WebCore/Modules/indexeddb/server/SQLiteIDBBackingStore.cpp

@@ -2057 +2057 @@
         bool errored = true;
 
-        SQLiteStatement sql(*m_sqliteDB, ASCIILiteral("SELECT fileName FROM BlobFiles;"));
-        if (sql.prepare() == SQLITE_OK) {
-            int result = sql.step();
-            while (result == SQLITE_ROW) {
-                blobFiles.append(sql.getColumnText(0));
-                result = sql.step();
+        if (m_sqliteDB) {
+            SQLiteStatement sql(*m_sqliteDB, ASCIILiteral("SELECT fileName FROM BlobFiles;"));
+            if (sql.prepare() == SQLITE_OK) {
+                int result = sql.step();
+                while (result == SQLITE_ROW) {
+                    blobFiles.append(sql.getColumnText(0));
+                    result = sql.step();
+                }
+
+                if (result == SQLITE_DONE)
+                    errored = false;
             }
-
-            if (result == SQLITE_DONE)
-                errored = false;
         }
 

trunk/Tools/ChangeLog

@@ +1 @@
+2016-07-05  Brady Eidson  <beidson@apple.com>
+
+        Database process crashes deleting a corrupt SQLite database file (null deref).
+        https://bugs.webkit.org/show_bug.cgi?id=155506.
+
+        Reviewed by Alex Christensen.
+
+        * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
+        * TestWebKitAPI/Tests/WebKit2Cocoa/IDBDeleteRecovery.html: Added.
+        * TestWebKitAPI/Tests/WebKit2Cocoa/IDBDeleteRecovery.mm: Added.
+        * TestWebKitAPI/Tests/WebKit2Cocoa/IDBDeleteRecovery.sqlite3: Added.
+        * TestWebKitAPI/Tests/WebKit2Cocoa/IDBDeleteRecovery.sqlite3-shm: Added.
+        * TestWebKitAPI/Tests/WebKit2Cocoa/IDBDeleteRecovery.sqlite3-wal: Added.
+
 2016-07-05  Alexey Proskuryakov  <ap@apple.com>
 

trunk/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj

@@ -65 +65 @@
                 37E1064C1697681800B78BD0 /* DOMHTMLTableCellElementCellAbove.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 37E1064B169767F700B78BD0 /* DOMHTMLTableCellElementCellAbove.html */; };
                 4BFDFFA71314776C0061F24B /* HitTestResultNodeHandle_Bundle.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4BFDFFA61314776C0061F24B /* HitTestResultNodeHandle_Bundle.cpp */; };
+                510477721D298DDD009747EB /* IDBDeleteRecovery.sqlite3 in Copy Resources */ = {isa = PBXBuildFile; fileRef = 5104776F1D298D85009747EB /* IDBDeleteRecovery.sqlite3 */; };
+                510477731D298DDD009747EB /* IDBDeleteRecovery.sqlite3-shm in Copy Resources */ = {isa = PBXBuildFile; fileRef = 510477701D298D85009747EB /* IDBDeleteRecovery.sqlite3-shm */; };
+                510477741D298DDD009747EB /* IDBDeleteRecovery.sqlite3-wal in Copy Resources */ = {isa = PBXBuildFile; fileRef = 510477711D298D85009747EB /* IDBDeleteRecovery.sqlite3-wal */; };
+                510477771D298E72009747EB /* IDBDeleteRecovery.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 510477761D298E57009747EB /* IDBDeleteRecovery.html */; };
+                510477781D29923B009747EB /* IDBDeleteRecovery.mm in Sources */ = {isa = PBXBuildFile; fileRef = 510477751D298E03009747EB /* IDBDeleteRecovery.mm */; };
                 51393E221523952D005F39C5 /* DOMWindowExtensionBasic_Bundle.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 51393E1D1523944A005F39C5 /* DOMWindowExtensionBasic_Bundle.cpp */; };
                 5142B2731517C8C800C32B19 /* ContextMenuCanCopyURL.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 5142B2721517C89100C32B19 /* ContextMenuCanCopyURL.html */; };
@@ -474 +479 @@
                         files = (
                                 51A587851D2739E3004BA9AF /* IndexedDBDatabaseProcessKill-1.html in Copy Resources */,
+                                510477771D298E72009747EB /* IDBDeleteRecovery.html in Copy Resources */,
+                                510477721D298DDD009747EB /* IDBDeleteRecovery.sqlite3 in Copy Resources */,
+                                510477731D298DDD009747EB /* IDBDeleteRecovery.sqlite3-shm in Copy Resources */,
+                                510477741D298DDD009747EB /* IDBDeleteRecovery.sqlite3-wal in Copy Resources */,
                                 51A5877D1D1B49CD004BA9AF /* IndexedDBMultiProcess-3.html in Copy Resources */,
                                 9984FACE1CFFB090008D198C /* editable-body.html in Copy Resources */,
@@ -693 +702 @@
                 4BFDFFA61314776C0061F24B /* HitTestResultNodeHandle_Bundle.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = HitTestResultNodeHandle_Bundle.cpp; sourceTree = "<group>"; };
                 4BFDFFA8131477770061F24B /* HitTestResultNodeHandle.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = HitTestResultNodeHandle.cpp; sourceTree = "<group>"; };
+                5104776F1D298D85009747EB /* IDBDeleteRecovery.sqlite3 */ = {isa = PBXFileReference; lastKnownFileType = file; path = IDBDeleteRecovery.sqlite3; sourceTree = "<group>"; };
+                510477701D298D85009747EB /* IDBDeleteRecovery.sqlite3-shm */ = {isa = PBXFileReference; lastKnownFileType = file; path = "IDBDeleteRecovery.sqlite3-shm"; sourceTree = "<group>"; };
+                510477711D298D85009747EB /* IDBDeleteRecovery.sqlite3-wal */ = {isa = PBXFileReference; lastKnownFileType = file; path = "IDBDeleteRecovery.sqlite3-wal"; sourceTree = "<group>"; };
+                510477751D298E03009747EB /* IDBDeleteRecovery.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = IDBDeleteRecovery.mm; sourceTree = "<group>"; };
+                510477761D298E57009747EB /* IDBDeleteRecovery.html */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.html; path = IDBDeleteRecovery.html; sourceTree = "<group>"; };
                 51393E1D1523944A005F39C5 /* DOMWindowExtensionBasic_Bundle.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = DOMWindowExtensionBasic_Bundle.cpp; sourceTree = "<group>"; };
                 51393E1E1523944A005F39C5 /* DOMWindowExtensionBasic.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = DOMWindowExtensionBasic.cpp; sourceTree = "<group>"; };
@@ -1158 +1172 @@
                                 CDE195B31CFE0ADE0053D256 /* FullscreenTopContentInset.mm */,
                                 51A587841D272EF3004BA9AF /* IndexedDBDatabaseProcessKill.mm */,
+                                510477751D298E03009747EB /* IDBDeleteRecovery.mm */,
                                 51BCEE491C84F4AF0042C82E /* IndexedDBMultiProcess.mm */,
                                 51B1EE8D1C80F5880064FB98 /* IndexedDBPersistence.mm */,
@@ -1265 +1280 @@
                                 5714ECBA1CA8BFD100051AC8 /* DownloadRequestOriginalURLFrame.html */,
                                 51A587821D272EB5004BA9AF /* IndexedDBDatabaseProcessKill-1.html */,
+                                510477761D298E57009747EB /* IDBDeleteRecovery.html */,
+                                5104776F1D298D85009747EB /* IDBDeleteRecovery.sqlite3 */,
+                                510477701D298D85009747EB /* IDBDeleteRecovery.sqlite3-shm */,
+                                510477711D298D85009747EB /* IDBDeleteRecovery.sqlite3-wal */,
                                 51BCEE4C1C84F52C0042C82E /* IndexedDBMultiProcess-1.html */,
                                 51BCEE4D1C84F52C0042C82E /* IndexedDBMultiProcess-2.html */,
@@ -2005 +2024 @@
                                 7CCE7EB31A411A7E00447C4C /* AcceptsFirstMouse.mm in Sources */,
                                 7CCE7EB41A411A7E00447C4C /* AttributedString.mm in Sources */,
+                                510477781D29923B009747EB /* IDBDeleteRecovery.mm in Sources */,
                                 7CCE7EB51A411A7E00447C4C /* BackForwardList.mm in Sources */,
                                 7CCE7EDC1A411A9200447C4C /* CalculationValue.cpp in Sources */,