Title: [249055] branches/safari-608-branch/Source/WebCore
Revision
249055
Author
alanc...@apple.com
Date
2019-08-23 10:53:19 -0700 (Fri, 23 Aug 2019)

Log Message

Cherry-pick r248969. rdar://problem/54643450

    Crash under StringImpl::~StringImpl() in IDBServer::computeSpaceUsedForOrigin()
    https://bugs.webkit.org/show_bug.cgi?id=200989
    <rdar://problem/54565546>

    Reviewed by Alex Christensen.

    Make sure we call isolatedCopy() on IDBServer::m_databaseDirectoryPath before using it from
    background threads.

    * Modules/indexeddb/server/IDBServer.cpp:
    (WebCore::IDBServer::IDBServer::createBackingStore):
    (WebCore::IDBServer::IDBServer::performGetAllDatabaseNames):
    (WebCore::IDBServer::IDBServer::removeDatabasesModifiedSinceForVersion):
    (WebCore::IDBServer::IDBServer::performCloseAndDeleteDatabasesModifiedSince):
    (WebCore::IDBServer::IDBServer::removeDatabasesWithOriginsForVersion):
    (WebCore::IDBServer::IDBServer::performCloseAndDeleteDatabasesForOrigins):
    (WebCore::IDBServer::IDBServer::computeSpaceUsedForOrigin):
    (WebCore::IDBServer::IDBServer::upgradeFilesIfNecessary):
    * Modules/indexeddb/server/IDBServer.h:
    (WebCore::IDBServer::IDBServer::databaseDirectoryPath const):

    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@248969 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Modified Paths

Diff

Modified: branches/safari-608-branch/Source/WebCore/ChangeLog (249054 => 249055)


--- branches/safari-608-branch/Source/WebCore/ChangeLog	2019-08-23 17:53:16 UTC (rev 249054)
+++ branches/safari-608-branch/Source/WebCore/ChangeLog	2019-08-23 17:53:19 UTC (rev 249055)
@@ -1,5 +1,55 @@
 2019-08-23  Kocsen Chung  <kocsen_ch...@apple.com>
 
+        Cherry-pick r248969. rdar://problem/54643450
+
+    Crash under StringImpl::~StringImpl() in IDBServer::computeSpaceUsedForOrigin()
+    https://bugs.webkit.org/show_bug.cgi?id=200989
+    <rdar://problem/54565546>
+    
+    Reviewed by Alex Christensen.
+    
+    Make sure we call isolatedCopy() on IDBServer::m_databaseDirectoryPath before using it from
+    background threads.
+    
+    * Modules/indexeddb/server/IDBServer.cpp:
+    (WebCore::IDBServer::IDBServer::createBackingStore):
+    (WebCore::IDBServer::IDBServer::performGetAllDatabaseNames):
+    (WebCore::IDBServer::IDBServer::removeDatabasesModifiedSinceForVersion):
+    (WebCore::IDBServer::IDBServer::performCloseAndDeleteDatabasesModifiedSince):
+    (WebCore::IDBServer::IDBServer::removeDatabasesWithOriginsForVersion):
+    (WebCore::IDBServer::IDBServer::performCloseAndDeleteDatabasesForOrigins):
+    (WebCore::IDBServer::IDBServer::computeSpaceUsedForOrigin):
+    (WebCore::IDBServer::IDBServer::upgradeFilesIfNecessary):
+    * Modules/indexeddb/server/IDBServer.h:
+    (WebCore::IDBServer::IDBServer::databaseDirectoryPath const):
+    
+    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@248969 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+    2019-08-21  Chris Dumez  <cdu...@apple.com>
+
+            Crash under StringImpl::~StringImpl() in IDBServer::computeSpaceUsedForOrigin()
+            https://bugs.webkit.org/show_bug.cgi?id=200989
+            <rdar://problem/54565546>
+
+            Reviewed by Alex Christensen.
+
+            Make sure we call isolatedCopy() on IDBServer::m_databaseDirectoryPath before using it from
+            background threads.
+
+            * Modules/indexeddb/server/IDBServer.cpp:
+            (WebCore::IDBServer::IDBServer::createBackingStore):
+            (WebCore::IDBServer::IDBServer::performGetAllDatabaseNames):
+            (WebCore::IDBServer::IDBServer::removeDatabasesModifiedSinceForVersion):
+            (WebCore::IDBServer::IDBServer::performCloseAndDeleteDatabasesModifiedSince):
+            (WebCore::IDBServer::IDBServer::removeDatabasesWithOriginsForVersion):
+            (WebCore::IDBServer::IDBServer::performCloseAndDeleteDatabasesForOrigins):
+            (WebCore::IDBServer::IDBServer::computeSpaceUsedForOrigin):
+            (WebCore::IDBServer::IDBServer::upgradeFilesIfNecessary):
+            * Modules/indexeddb/server/IDBServer.h:
+            (WebCore::IDBServer::IDBServer::databaseDirectoryPath const):
+
+2019-08-23  Kocsen Chung  <kocsen_ch...@apple.com>
+
         Cherry-pick r248971. rdar://problem/54643440
 
     Crash under StringImpl::endsWith() in SQLiteIDBBackingStore::fullDatabaseDirectoryWithUpgrade()

Modified: branches/safari-608-branch/Source/WebCore/Modules/indexeddb/server/IDBServer.cpp (249054 => 249055)


--- branches/safari-608-branch/Source/WebCore/Modules/indexeddb/server/IDBServer.cpp	2019-08-23 17:53:16 UTC (rev 249054)
+++ branches/safari-608-branch/Source/WebCore/Modules/indexeddb/server/IDBServer.cpp	2019-08-23 17:53:19 UTC (rev 249055)
@@ -132,10 +132,11 @@
 {
     ASSERT(!isMainThread());
 
-    if (m_databaseDirectoryPath.isEmpty())
+    auto databaseDirectoryPath = this->databaseDirectoryPath();
+    if (databaseDirectoryPath.isEmpty())
         return MemoryIDBBackingStore::create(identifier);
 
-    return std::make_unique<SQLiteIDBBackingStore>(identifier, m_databaseDirectoryPath, m_backingStoreTemporaryFileHandler, m_perOriginQuota);
+    return std::make_unique<SQLiteIDBBackingStore>(identifier, databaseDirectoryPath, m_backingStoreTemporaryFileHandler, m_perOriginQuota);
 }
 
 void IDBServer::openDatabase(const IDBRequestData& requestData)
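Review bot: The new local `databaseDirectoryPath` in createBackingStore has the same name as the accessor it is initialised from, which is why the call has to be written `this->databaseDirectoryPath()`. The same shadowing recurs in performGetAllDatabaseNames, computeSpaceUsedForOrigin and upgradeFilesIfNecessary. A distinct local name, for example `auto directoryPath = databaseDirectoryPath();`, removes the need for `this->` and makes it clearer that the value used below is a thread-local copy and not the member. The function's signature lies above this hunk.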
@@ -466,7 +467,8 @@
 
 void IDBServer::performGetAllDatabaseNames(uint64_t serverConnectionIdentifier, const SecurityOriginData& mainFrameOrigin, const SecurityOriginData& openingOrigin, uint64_t callbackID)
 {
-    String oldDirectory = IDBDatabaseIdentifier::databaseDirectoryRelativeToRoot(mainFrameOrigin, openingOrigin, m_databaseDirectoryPath, "v0");
+    auto databaseDirectoryPath = this->databaseDirectoryPath();
+    String oldDirectory = IDBDatabaseIdentifier::databaseDirectoryRelativeToRoot(mainFrameOrigin, openingOrigin, databaseDirectoryPath, "v0");
     Vector<String> files = FileSystem::listDirectory(oldDirectory, "*"_s);
     Vector<String> databases;
     for (auto& file : files) {
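Review bot: performGetAllDatabaseNames opens without an `ASSERT(!isMainThread());`, although createBackingStore and computeSpaceUsedForOrigin in this same patch carry one, so nothing here records which thread the code is expected to run on. The fix depends on every off-main-thread read of the path going through the copying accessor, so adding that assertion as the first statement would make the threading contract checkable in debug builds. The same probably applies to removeDatabasesModifiedSinceForVersion, removeDatabasesWithOriginsForVersion, the two performCloseAndDelete* functions and upgradeFilesIfNecessary, if they are background-only, which the hunks do not show. The function body continues past this hunk.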
@@ -474,7 +476,7 @@
         databases.append(SQLiteIDBBackingStore::databaseNameFromEncodedFilename(encodedName));
     }
 
-    String directory = IDBDatabaseIdentifier::databaseDirectoryRelativeToRoot(mainFrameOrigin, openingOrigin, m_databaseDirectoryPath, "v1");
+    String directory = IDBDatabaseIdentifier::databaseDirectoryRelativeToRoot(mainFrameOrigin, openingOrigin, databaseDirectoryPath, "v1");
     files = FileSystem::listDirectory(directory, "*"_s);
     for (auto& file : files) {
         auto databaseName = SQLiteIDBBackingStore::databaseNameFromFile(SQLiteIDBBackingStore::fullDatabasePathForDirectory(file));
@@ -639,7 +641,7 @@
 
 void IDBServer::removeDatabasesModifiedSinceForVersion(WallTime modifiedSince, const String& version)
 {
-    String versionPath = FileSystem::pathByAppendingComponent(m_databaseDirectoryPath, version);
+    String versionPath = FileSystem::pathByAppendingComponent(databaseDirectoryPath(), version);
     for (auto& originPath : FileSystem::listDirectory(versionPath, "*")) {
         String databaseIdentifier = FileSystem::lastComponentOfPathIgnoringTrailingSlash(originPath);
         if (auto securityOrigin = SecurityOriginData::fromDatabaseIdentifier(databaseIdentifier))
@@ -649,7 +651,7 @@
 
 void IDBServer::performCloseAndDeleteDatabasesModifiedSince(WallTime modifiedSince, uint64_t callbackID)
 {
-    if (!m_databaseDirectoryPath.isEmpty()) {
+    if (!databaseDirectoryPath().isEmpty()) {
         removeDatabasesModifiedSinceForVersion(modifiedSince, "v0");
         removeDatabasesModifiedSinceForVersion(modifiedSince, "v1");
     }
@@ -659,7 +661,7 @@
 
 void IDBServer::removeDatabasesWithOriginsForVersion(const Vector<SecurityOriginData> &origins, const String& version)
 {
-    String versionPath = FileSystem::pathByAppendingComponent(m_databaseDirectoryPath, version);
+    String versionPath = FileSystem::pathByAppendingComponent(databaseDirectoryPath(), version);
     for (const auto& origin : origins) {
         String originPath = FileSystem::pathByAppendingComponent(versionPath, origin.databaseIdentifier());
         removeAllDatabasesForOriginPath(originPath, -WallTime::infinity());
@@ -673,7 +675,7 @@
     
 void IDBServer::performCloseAndDeleteDatabasesForOrigins(const Vector<SecurityOriginData>& origins, uint64_t callbackID)
 {
-    if (!m_databaseDirectoryPath.isEmpty()) {
+    if (!databaseDirectoryPath().isEmpty()) {
         removeDatabasesWithOriginsForVersion(origins, "v0");
         removeDatabasesWithOriginsForVersion(origins, "v1");
     }
@@ -775,8 +777,9 @@
 {
     ASSERT(!isMainThread());
 
-    auto oldVersionOriginDirectory = IDBDatabaseIdentifier::databaseDirectoryRelativeToRoot(origin.topOrigin, origin.clientOrigin, m_databaseDirectoryPath, "v0");
-    auto newVersionOriginDirectory = IDBDatabaseIdentifier::databaseDirectoryRelativeToRoot(origin.topOrigin, origin.clientOrigin, m_databaseDirectoryPath, "v1");
+    auto databaseDirectoryPath = this->databaseDirectoryPath();
+    auto oldVersionOriginDirectory = IDBDatabaseIdentifier::databaseDirectoryRelativeToRoot(origin.topOrigin, origin.clientOrigin, databaseDirectoryPath, "v0");
+    auto newVersionOriginDirectory = IDBDatabaseIdentifier::databaseDirectoryRelativeToRoot(origin.topOrigin, origin.clientOrigin, databaseDirectoryPath, "v1");
     auto size = SQLiteIDBBackingStore::databasesSizeForFolder(oldVersionOriginDirectory) + SQLiteIDBBackingStore::databasesSizeForFolder(newVersionOriginDirectory);
 
     postDatabaseTaskReply(createCrossThreadTask(*this, &IDBServer::finishComputingSpaceUsedForOrigin, origin, size));
@@ -821,10 +824,11 @@
 
 void IDBServer::upgradeFilesIfNecessary()
 {
-    if (m_databaseDirectoryPath.isEmpty() || !FileSystem::fileExists(m_databaseDirectoryPath))
+    auto databaseDirectoryPath = this->databaseDirectoryPath();
+    if (databaseDirectoryPath.isEmpty() || !FileSystem::fileExists(databaseDirectoryPath))
         return;
 
-    String newVersionDirectory = FileSystem::pathByAppendingComponent(m_databaseDirectoryPath, "v1");
+    String newVersionDirectory = FileSystem::pathByAppendingComponent(databaseDirectoryPath, "v1");
     if (!FileSystem::fileExists(newVersionDirectory))
         FileSystem::makeAllDirectories(newVersionDirectory);
 }

Modified: branches/safari-608-branch/Source/WebCore/Modules/indexeddb/server/IDBServer.h (249054 => 249055)


--- branches/safari-608-branch/Source/WebCore/Modules/indexeddb/server/IDBServer.h	2019-08-23 17:53:16 UTC (rev 249054)
+++ branches/safari-608-branch/Source/WebCore/Modules/indexeddb/server/IDBServer.h	2019-08-23 17:53:19 UTC (rev 249055)
@@ -134,6 +134,8 @@
     IDBServer(PAL::SessionID, const String& databaseDirectoryPath, IDBBackingStoreTemporaryFileHandler&, QuotaManagerGetter&&);
 
     UniqueIDBDatabase& getOrCreateUniqueIDBDatabase(const IDBDatabaseIdentifier&);
+    
+    String databaseDirectoryPath() const { return m_databaseDirectoryPath.isolatedCopy(); }
 
     void performGetAllDatabaseNames(uint64_t serverConnectionIdentifier, const SecurityOriginData& mainFrameOrigin, const SecurityOriginData& openingOrigin, uint64_t callbackID);
     void didGetAllDatabaseNames(uint64_t serverConnectionIdentifier, uint64_t callbackID, const Vector<String>& databaseNames);
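Review bot: The new accessor `databaseDirectoryPath()` has no comment explaining why it returns `isolatedCopy()` and not a reference, so a later cleanup could turn it back into a plain getter and reintroduce the cross-thread string sharing behind the crash in the log message. A one-line comment above it would do, for example `// Returns an isolated copy: this is read from background threads and WTF::String refcounting is not thread-safe.` The copy is itself only safe if m_databaseDirectoryPath is never reassigned after construction. Its declaration is outside this hunk, so if that holds, declaring it `const String` would let the compiler enforce it.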