Diff
Modified: trunk/LayoutTests/ChangeLog (252671 => 252672)
--- trunk/LayoutTests/ChangeLog 2019-11-20 02:08:26 UTC (rev 252671)
+++ trunk/LayoutTests/ChangeLog 2019-11-20 02:08:55 UTC (rev 252672)
@@ -1,5 +1,17 @@
2019-11-19 Sihui Liu <sihui_...@apple.com>
+ IndexedDB: overflow of KeyGenerator in MemoryIDBBackingStore
+ https://bugs.webkit.org/show_bug.cgi?id=204366
+
+ Reviewed by Brady Eidson.
+
+ * storage/indexeddb/key-generator-expected.txt:
+ * storage/indexeddb/key-generator-private-expected.txt:
+ * storage/indexeddb/resources/key-generator.js:
+ (request.onerror):
+
+2019-11-19 Sihui Liu <sihui_...@apple.com>
+
IndexedDB: update m_objectStoresByName after renaming object store
https://bugs.webkit.org/show_bug.cgi?id=204373
Modified: trunk/LayoutTests/storage/indexeddb/key-generator-expected.txt (252671 => 252672)
--- trunk/LayoutTests/storage/indexeddb/key-generator-expected.txt 2019-11-20 02:08:26 UTC (rev 252671)
+++ trunk/LayoutTests/storage/indexeddb/key-generator-expected.txt 2019-11-20 02:08:55 UTC (rev 252672)
@@ -161,6 +161,28 @@
PASS Got "d" for key: 2
db.close()
+Verify that keys above 2^64 result in errors.
+indexedDB = self.indexedDB || self.webkitIndexedDB || self.mozIndexedDB || self.msIndexedDB || self.OIndexedDB;
+
+indexedDB.deleteDatabase(dbname)
+indexedDB.open(dbname)
+trans1 = db.transaction(['store'], 'readwrite')
+store_t1 = trans1.objectStore('store')
+store_t1.put('a')
+request = store.get(1)
+store_t1.put('b', Math.pow(2, 64))
+request = store.get(18446744073709552000)
+store_t1.put('c')
+store_t1.put('d', 2)
+request = store.get(2)
+PASS Got "a" for key: 1
+PASS Got "b" for key: 18446744073709552000
+Error event fired auto-incrementing past 2^64 (as expected)
+PASS event.target.error.name is 'ConstraintError'
+event.preventDefault()
+PASS Got "d" for key: 2
+db.close()
+
Ensure key generator state is maintained across connections:
indexedDB = self.indexedDB || self.webkitIndexedDB || self.mozIndexedDB || self.msIndexedDB || self.OIndexedDB;
Modified: trunk/LayoutTests/storage/indexeddb/key-generator-private-expected.txt (252671 => 252672)
--- trunk/LayoutTests/storage/indexeddb/key-generator-private-expected.txt 2019-11-20 02:08:26 UTC (rev 252671)
+++ trunk/LayoutTests/storage/indexeddb/key-generator-private-expected.txt 2019-11-20 02:08:55 UTC (rev 252672)
@@ -161,6 +161,28 @@
PASS Got "d" for key: 2
db.close()
+Verify that keys above 2^64 result in errors.
+indexedDB = self.indexedDB || self.webkitIndexedDB || self.mozIndexedDB || self.msIndexedDB || self.OIndexedDB;
+
+indexedDB.deleteDatabase(dbname)
+indexedDB.open(dbname)
+trans1 = db.transaction(['store'], 'readwrite')
+store_t1 = trans1.objectStore('store')
+store_t1.put('a')
+request = store.get(1)
+store_t1.put('b', Math.pow(2, 64))
+request = store.get(18446744073709552000)
+store_t1.put('c')
+store_t1.put('d', 2)
+request = store.get(2)
+PASS Got "a" for key: 1
+PASS Got "b" for key: 18446744073709552000
+Error event fired auto-incrementing past 2^64 (as expected)
+PASS event.target.error.name is 'ConstraintError'
+event.preventDefault()
+PASS Got "d" for key: 2
+db.close()
+
Ensure key generator state is maintained across connections:
indexedDB = self.indexedDB || self.webkitIndexedDB || self.mozIndexedDB || self.msIndexedDB || self.OIndexedDB;
Modified: trunk/LayoutTests/storage/indexeddb/resources/key-generator.js (252671 => 252672)
--- trunk/LayoutTests/storage/indexeddb/resources/key-generator.js 2019-11-20 02:08:26 UTC (rev 252671)
+++ trunk/LayoutTests/storage/indexeddb/resources/key-generator.js 2019-11-20 02:08:55 UTC (rev 252672)
@@ -221,6 +221,33 @@
}
);
+defineTest(
+ 'Verify that keys above 2^64 result in errors.',
+ function (db, trans) {
+ db.createObjectStore('store', { autoIncrement: true });
+ },
+
+ function (db, callback) {
+ evalAndLog("trans1 = db.transaction(['store'], 'readwrite')");
+ evalAndLog("store_t1 = trans1.objectStore('store')");
+ evalAndLog("store_t1.put('a')");
+ check(store_t1, 1, 'a');
+ evalAndLog("store_t1.put('b', Math.pow(2, 64))");
+ check(store_t1, Math.pow(2, 64), 'b');
+ request = evalAndLog("store_t1.put('c')");
+ request._onsuccess_ = unexpectedSuccessCallback;
+ request._onerror_ = function () {
+ debug("Error event fired auto-incrementing past 2^64 (as expected)");
+ shouldBe("event.target.error.name", "'ConstraintError'");
+ evalAndLog("event.preventDefault()");
+ };
+ evalAndLog("store_t1.put('d', 2)");
+ check(store_t1, 2, 'd');
+
+ trans1._oncomplete_ = callback;
+ }
+);
+
function testAcrossConnections()
{
debug("");
Modified: trunk/Source/WebCore/ChangeLog (252671 => 252672)
--- trunk/Source/WebCore/ChangeLog 2019-11-20 02:08:26 UTC (rev 252671)
+++ trunk/Source/WebCore/ChangeLog 2019-11-20 02:08:55 UTC (rev 252672)
@@ -1,5 +1,19 @@
2019-11-19 Sihui Liu <sihui_...@apple.com>
+ IndexedDB: overflow of KeyGenerator in MemoryIDBBackingStore
+ https://bugs.webkit.org/show_bug.cgi?id=204366
+
+ Reviewed by Brady Eidson.
+
+ Do not set KeyGenerator if it is key is bigger than 2^53.
+
+ Test: storage/indexeddb/key-generator-private.html
+
+ * Modules/indexeddb/server/MemoryIDBBackingStore.cpp:
+ (WebCore::IDBServer::MemoryIDBBackingStore::maybeUpdateKeyGeneratorNumber):
+
+2019-11-19 Sihui Liu <sihui_...@apple.com>
+
IndexedDB: update m_objectStoresByName after renaming object store
https://bugs.webkit.org/show_bug.cgi?id=204373
Modified: trunk/Source/WebCore/Modules/indexeddb/server/MemoryIDBBackingStore.cpp (252671 => 252672)
--- trunk/Source/WebCore/Modules/indexeddb/server/MemoryIDBBackingStore.cpp 2019-11-20 02:08:26 UTC (rev 252671)
+++ trunk/Source/WebCore/Modules/indexeddb/server/MemoryIDBBackingStore.cpp 2019-11-20 02:08:55 UTC (rev 252672)
@@ -487,6 +487,11 @@
if (newKeyNumber < objectStore->currentKeyGeneratorValue())
return IDBError { };
+ if (newKeyNumber >= (double)maxGeneratedKeyValue) {
+ objectStore->setKeyGeneratorValue(maxGeneratedKeyValue + 1);
+ return IDBError { };
+ }
+
uint64_t newKeyInteger(newKeyNumber);
if (newKeyInteger <= uint64_t(newKeyNumber))
++newKeyInteger;
