diff options
author | erg <erg@chromium.org> | 2015-07-06 15:15:21 -0700 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2015-07-06 22:15:55 +0000 |
commit | bbb9e2f6486cccadde4dc2fa077af8f694105eaa (patch) | |
tree | 713737bbad8f83636cf2becfecf8c60057a95a88 /sql | |
parent | b7adc5b57caeea0033b2757d5babc03df73f9bb9 (diff) | |
download | chromium_src-bbb9e2f6486cccadde4dc2fa077af8f694105eaa.zip chromium_src-bbb9e2f6486cccadde4dc2fa077af8f694105eaa.tar.gz chromium_src-bbb9e2f6486cccadde4dc2fa077af8f694105eaa.tar.bz2 |
mandoline filesystem: Save cookie data to the mojo:filesystem.
This makes the network service use the sql vfs to proxy writing the
cookies to the filesystem service. This means mojo:network_service does
not directly write its data to the OS filesystem, which will allow us to
sandbox it.
BUG=493311
Review URL: https://codereview.chromium.org/1179413010
Cr-Commit-Position: refs/heads/master@{#337491}
Diffstat (limited to 'sql')
-rw-r--r-- | sql/mojo/mojo_vfs.cc | 18 | ||||
-rw-r--r-- | sql/mojo/vfs_unittest.cc | 13 |
2 files changed, 30 insertions, 1 deletions
diff --git a/sql/mojo/mojo_vfs.cc b/sql/mojo/mojo_vfs.cc index 6e38af9..3ef67a1 100644 --- a/sql/mojo/mojo_vfs.cc +++ b/sql/mojo/mojo_vfs.cc @@ -6,6 +6,7 @@ #include "base/logging.h" #include "base/rand_util.h" +#include "base/strings/stringprintf.h" #include "components/filesystem/public/interfaces/file.mojom.h" #include "components/filesystem/public/interfaces/file_system.mojom.h" #include "components/filesystem/public/interfaces/types.mojom.h" @@ -245,10 +246,25 @@ int MojoVFSOpen(sqlite3_vfs* mojo_vfs, if (flags & SQLITE_OPEN_DELETEONCLOSE) open_flags |= filesystem::kDeleteOnClose; + mojo::String mojo_name; + if (name) { + // Don't let callers open the pattern of our temporary databases. When we + // open with a null name and SQLITE_OPEN_DELETEONCLOSE, we unlink the + // database after we open it. If we create a database here, close it + // normally, and then open the same file through the other path, we could + // delete the database. + CHECK(strncmp("Temp_", name, 5) != 0); + mojo_name = name; + } else { + DCHECK(flags & SQLITE_OPEN_DELETEONCLOSE); + static int temp_number = 0; + mojo_name = base::StringPrintf("Temp_%d.db", temp_number++); + } + // Grab the incoming file filesystem::FilePtr file_ptr; filesystem::FileError error = filesystem::FILE_ERROR_FAILED; - GetRootDirectory(mojo_vfs)->OpenFile(mojo::String(name), GetProxy(&file_ptr), + GetRootDirectory(mojo_vfs)->OpenFile(mojo_name, GetProxy(&file_ptr), open_flags, Capture(&error)); GetRootDirectory(mojo_vfs).WaitForIncomingResponse(); if (error != filesystem::FILE_ERROR_OK) { diff --git a/sql/mojo/vfs_unittest.cc b/sql/mojo/vfs_unittest.cc index 8ca7c5c..db16638 100644 --- a/sql/mojo/vfs_unittest.cc +++ b/sql/mojo/vfs_unittest.cc @@ -115,6 +115,19 @@ TEST_F(VFSTest, NonexclusiveOpen) { file->pMethods->xClose(file2.get()); } +TEST_F(VFSTest, NullFilenameOpen) { + // Opening a file with a null filename should return a valid file object. + scoped_ptr<sqlite3_file> file(MakeFile()); + int out_flags; + int rc = vfs()->xOpen( + vfs(), nullptr, file.get(), + SQLITE_OPEN_DELETEONCLOSE | SQLITE_OPEN_CREATE | SQLITE_OPEN_READWRITE, + &out_flags); + EXPECT_EQ(SQLITE_OK, rc); + + file->pMethods->xClose(file.get()); +} + TEST_F(VFSTest, DeleteOnClose) { { scoped_ptr<sqlite3_file> file(MakeFile()); |