Title: [248971] trunk/Source/WebCore
- Revision: 248971
- Author: cdu...@apple.com
- Date: 2019-08-21 15:45:46 -0700 (Wed, 21 Aug 2019)
Log Message
Crash under StringImpl::endsWith() in SQLiteIDBBackingStore::fullDatabaseDirectoryWithUpgrade()
https://bugs.webkit.org/show_bug.cgi?id=200990
<rdar://problem/54566439>
Reviewed by Alex Christensen.
Make sure we call isolatedCopy() on SQLiteIDBBackingStore::m_databaseRootDirectory before using
it from background threads.
* Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
(WebCore::IDBServer::SQLiteIDBBackingStore::fullDatabaseDirectoryWithUpgrade):
(WebCore::IDBServer::SQLiteIDBBackingStore::databasesSizeForOrigin const):
(WebCore::IDBServer::SQLiteIDBBackingStore::deleteBackingStore):
* Modules/indexeddb/server/SQLiteIDBBackingStore.h:
(WebCore::IDBServer::SQLiteIDBBackingStore::databaseRootDirectory const):
Diff
Modified: trunk/Source/WebCore/ChangeLog (248970 => 248971)
--- trunk/Source/WebCore/ChangeLog 2019-08-21 22:42:48 UTC (rev 248970)
+++ trunk/Source/WebCore/ChangeLog 2019-08-21 22:45:46 UTC (rev 248971)
@@ -1,5 +1,23 @@
2019-08-21 Chris Dumez <cdu...@apple.com>
+ Crash under StringImpl::endsWith() in SQLiteIDBBackingStore::fullDatabaseDirectoryWithUpgrade()
+ https://bugs.webkit.org/show_bug.cgi?id=200990
+ <rdar://problem/54566439>
+
+ Reviewed by Alex Christensen.
+
+ Make sure we call isolatedCopy() on SQLiteIDBBackingStore::m_databaseRootDirectory before using
+ it from background threads.
+
+ * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
+ (WebCore::IDBServer::SQLiteIDBBackingStore::fullDatabaseDirectoryWithUpgrade):
+ (WebCore::IDBServer::SQLiteIDBBackingStore::databasesSizeForOrigin const):
+ (WebCore::IDBServer::SQLiteIDBBackingStore::deleteBackingStore):
+ * Modules/indexeddb/server/SQLiteIDBBackingStore.h:
+ (WebCore::IDBServer::SQLiteIDBBackingStore::databaseRootDirectory const):
+
+2019-08-21 Chris Dumez <cdu...@apple.com>
+
Crash under StringImpl::~StringImpl() in IDBServer::computeSpaceUsedForOrigin()
https://bugs.webkit.org/show_bug.cgi?id=200989
<rdar://problem/54565546>
Modified: trunk/Source/WebCore/Modules/indexeddb/server/SQLiteIDBBackingStore.cpp (248970 => 248971)
--- trunk/Source/WebCore/Modules/indexeddb/server/SQLiteIDBBackingStore.cpp 2019-08-21 22:42:48 UTC (rev 248970)
+++ trunk/Source/WebCore/Modules/indexeddb/server/SQLiteIDBBackingStore.cpp 2019-08-21 22:45:46 UTC (rev 248971)
@@ -765,9 +765,10 @@
String SQLiteIDBBackingStore::fullDatabaseDirectoryWithUpgrade()
{
- String oldOriginDirectory = m_identifier.databaseDirectoryRelativeToRoot(m_databaseRootDirectory, "v0");
+ auto databaseRootDirectory = this->databaseRootDirectory();
+ String oldOriginDirectory = m_identifier.databaseDirectoryRelativeToRoot(databaseRootDirectory, "v0");
String oldDatabaseDirectory = FileSystem::pathByAppendingComponent(oldOriginDirectory, filenameForDatabaseName());
- String newOriginDirectory = m_identifier.databaseDirectoryRelativeToRoot(m_databaseRootDirectory, "v1");
+ String newOriginDirectory = m_identifier.databaseDirectoryRelativeToRoot(databaseRootDirectory, "v1");
String fileNameHash = SQLiteFileSystem::computeHashForFileName(m_identifier.databaseName());
Vector<String> directoriesWithSameHash = FileSystem::listDirectory(newOriginDirectory, fileNameHash + "*");
String newDatabaseDirectory = FileSystem::pathByAppendingComponent(newOriginDirectory, fileNameHash);
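Review bot: In fullDatabaseDirectoryWithUpgrade() the new local `databaseRootDirectory` has the same name as the accessor it is initialized from, which is the only reason the call has to be spelled `this->databaseRootDirectory()`. Giving the local a different name (for example `rootDirectory`) would drop the `this->` and make it obvious at the "v0" and "v1" call sites that they use the per-call copy rather than the member. Taking the copy once and reusing it for both lookups is the right shape.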
@@ -856,8 +857,9 @@
uint64_t SQLiteIDBBackingStore::databasesSizeForOrigin() const
{
- String oldVersionOriginDirectory = m_identifier.databaseDirectoryRelativeToRoot(m_databaseRootDirectory, "v0");
- String newVersionOriginDirectory = m_identifier.databaseDirectoryRelativeToRoot(m_databaseRootDirectory, "v1");
+ auto databaseRootDirectory = this->databaseRootDirectory();
+ String oldVersionOriginDirectory = m_identifier.databaseDirectoryRelativeToRoot(databaseRootDirectory, "v0");
+ String newVersionOriginDirectory = m_identifier.databaseDirectoryRelativeToRoot(databaseRootDirectory, "v1");
return databasesSizeForFolder(oldVersionOriginDirectory) + databasesSizeForFolder(newVersionOriginDirectory);
}
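Review bot: databasesSizeForOrigin() now works on an isolated copy, but nothing in the function states or checks which thread it is expected to run on, so the reason for the copy is invisible to the next person editing it. Consider an assertion at the top of the function (for example `ASSERT(!isMainThread());`) or a short comment, so that the threading assumption behind the copy is documented where it is relied on.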
@@ -2560,7 +2562,7 @@
SQLiteFileSystem::deleteDatabaseFile(dbFilename);
SQLiteFileSystem::deleteEmptyDatabaseDirectory(m_databaseDirectory);
- SQLiteFileSystem::deleteEmptyDatabaseDirectory(m_identifier.databaseDirectoryRelativeToRoot(m_databaseRootDirectory));
+ SQLiteFileSystem::deleteEmptyDatabaseDirectory(m_identifier.databaseDirectoryRelativeToRoot(databaseRootDirectory()));
}
void SQLiteIDBBackingStore::unregisterCursor(SQLiteIDBCursor& cursor)
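Review bot: In deleteBackingStore() only the m_databaseRootDirectory argument was switched to the accessor; the line directly above still passes `m_databaseDirectory` to `deleteEmptyDatabaseDirectory()` as a raw member. If that String can also be shared with another thread it needs the same treatment, and if it is only ever assigned and read on this thread a comment saying so would explain why the two adjacent calls are handled differently.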
Modified: trunk/Source/WebCore/Modules/indexeddb/server/SQLiteIDBBackingStore.h (248970 => 248971)
--- trunk/Source/WebCore/Modules/indexeddb/server/SQLiteIDBBackingStore.h 2019-08-21 22:42:48 UTC (rev 248970)
+++ trunk/Source/WebCore/Modules/indexeddb/server/SQLiteIDBBackingStore.h 2019-08-21 22:45:46 UTC (rev 248971)
@@ -108,6 +108,8 @@
String filenameForDatabaseName() const;
String fullDatabasePath() const;
String fullDatabaseDirectoryWithUpgrade();
+
+ String databaseRootDirectory() const { return m_databaseRootDirectory.isolatedCopy(); }
bool ensureValidRecordsTable();
bool ensureValidIndexRecordsTable();
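Review bot: The new `databaseRootDirectory()` accessor in the header has no comment explaining that it exists to hand out a thread-safe copy, and its name reads like a plain getter even though every call performs `isolatedCopy()`. A one-line comment (or a name that signals the copy) would tell callers to take the value once per function, as the .cpp hunks do, and would discourage new code from reading `m_databaseRootDirectory` directly, which the class still permits.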
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes