[Webkit-unassigned] [Bug 25562] New: Potential crash after ApplicationCacheStorage::storeNewestCache() fails.
bugzilla-daemon at webkit.org
Tue May 5 04:18:04 PDT 2009
https://bugs.webkit.org/show_bug.cgi?id=25562
Summary: Potential crash after
ApplicationCacheStorage::storeNewestCache() fails.
Product: WebKit
Version: 528+ (Nightly build)
Platform: PC
OS/Version: Mac OS X 10.5
Status: UNCONFIRMED
Severity: Normal
Priority: P2
Component: New Bugs
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: andreip at google.com
CC: ap at webkit.org
In ApplicationCacheGroup.cpp:736 we have:

    (...)
    cacheStorage().storeNewestCache(this, maxAppCacheSize());
    if (oldNewestCache)
        cacheStorage().remove(oldNewestCache.get());
    postListenerTask(someSuccessCallback);
    (...)

The problem with this is that the return value of
cacheStorage().storeNewestCache() is never checked. If it fails (e.g. the
user's data partition is full), the code should fire an error event and bail
out. Instead, the existing newest cache is wiped out, thereby leaving an orphan
cache group in the CachedGroups table. This orphan cache group now points to a
non-existing "newest cache", so the next time this group is loaded, there will
be no associated manifest resource and an assertion will fire in
ApplicationCacheGroup.cpp:597:

    ApplicationCacheResource* newestManifest = m_newestCache->manifestResource();
    ASSERT(newestManifest);
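
Added example, not part of the original report and not WebKit code: a small C++ model of the failure described above, with the unchecked call sequence next to a variant that checks the store result before removing the old cache. `ModelStorage`, `ModelGroup`, `updateUnchecked`, `updateChecked` and `isOrphaned` are hypothetical names, and the quota check is an assumed stand-in for a full data partition.

```cpp
#include <cstddef>
#include <map>
#include <string>

// Hypothetical model, not WebKit code: a quota-limited store plus a group row.
struct ModelGroup { int newestCacheId = 0; };  // 0 = no newest cache
struct ModelStorage {
    std::map<int, std::string> caches;  // cache id -> payload
    std::size_t quota;                  // total bytes allowed
    explicit ModelStorage(std::size_t q) : quota(q) {}
    // Stores the cache and repoints the group; false models a full partition.
    bool storeNewest(ModelGroup& g, int id, const std::string& payload) {
        std::size_t used = 0;
        for (const auto& c : caches) used += c.second.size();
        if (used + payload.size() > quota) return false;
        caches[id] = payload;
        g.newestCacheId = id;
        return true;
    }
    void remove(int id) { caches.erase(id); }
};

// Pattern from the report: result ignored, old cache removed, success reported.
bool updateUnchecked(ModelStorage& s, ModelGroup& g, int id, const std::string& p) {
    int old = g.newestCacheId;
    s.storeNewest(g, id, p);
    if (old) s.remove(old);
    return true;
}

// Checked variant: on failure keep the old cache; the caller fires the error event.
bool updateChecked(ModelStorage& s, ModelGroup& g, int id, const std::string& p) {
    int old = g.newestCacheId;
    if (!s.storeNewest(g, id, p)) return false;
    if (old) s.remove(old);
    return true;
}

// True when the group row points at a cache that no longer exists.
bool isOrphaned(const ModelStorage& s, const ModelGroup& g) {
    return g.newestCacheId != 0 && s.caches.count(g.newestCacheId) == 0;
}

int main() {
    ModelStorage s(10); ModelGroup g;      // constructed sample: 10-byte quota
    updateChecked(s, g, 1, "12345678");    // fits
    updateUnchecked(s, g, 2, "12345678");  // does not fit, old cache removed anyway
    return isOrphaned(s, g) ? 0 : 1;       // exits 0: the group is now orphaned
}
```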