[Webkit-unassigned] [Bug 155506] Database process crashes deleting a corrupt SQLite database file (null deref)

bugzilla-daemon at webkit.org
Sun Jul 3 11:07:21 PDT 2016


https://bugs.webkit.org/show_bug.cgi?id=155506

Brady Eidson <beidson at apple.com> changed:

   What|Removed                                                     |Added
-------------------------------------------------------------------------------------------------------------------------------------------------
Summary|API test IndexedDB.IndexedDBMultiProcess is a flaky timeout |Database process crashes deleting a corrupt SQLite database file (null deref)

--- Comment #15 from Brady Eidson <beidson at apple.com> ---
Retitling:
Database process crashes deleting a corrupt SQLite database file (null deref)

The database files that reproduce this are inconsistent IDB databases. Probably generated from a previous DB process crash that wasn't recovered from.

When the backing store tries to read from the file, it sees things it doesn't expect, so it closes and nulls out the database handle.

Then, we create a SQLiteStatement with a null database handle, causing the crash.

Adding a null check in the right place is appropriate, and allows the database to be deleted as expected, getting the bot (or user) out of this bad state.

Now to write a test.

-- 
You are receiving this mail because:
You are the assignee for the bug.
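
Added example, not part of the original message and not WebKit's code: a minimal C++ model of the failure sequence in comment #15 (inconsistent file read, handle closed and nulled, statement built on the delete path) with the null check in place. `Handle`, `Statement`, `BackingStore` and `DeleteResult` are hypothetical stand-ins, and what the delete path does with its statement is an assumption.

```cpp
#include <cstdio>
#include <memory>

// Hypothetical stand-ins for a SQLite connection and statement (not WebKit's classes).
struct Handle { bool fileIsInconsistent; int statementsPrepared; };

class Statement {
public:
    explicit Statement(Handle& db) : m_db(db) { ++m_db.statementsPrepared; }
    bool step() { return true; } // pretend the cleanup query ran
private:
    Handle& m_db;
};

enum class DeleteResult { RanCleanupStatement, RemovedFileOnly };

class BackingStore {
public:
    explicit BackingStore(bool inconsistent) : m_db(new Handle{inconsistent, 0}) {}

    // Reading an inconsistent file closes the connection and nulls the handle.
    bool open() {
        if (m_db && m_db->fileIsInconsistent)
            m_db.reset();
        return static_cast<bool>(m_db);
    }

    DeleteResult deleteDatabase() {
        // The null check: without it, Statement(*m_db) below dereferences a null
        // handle whenever open() has already discarded the connection.
        if (!m_db) {
            m_fileRemoved = true; // assumed: the file can be removed without a connection
            return DeleteResult::RemovedFileOnly;
        }
        Statement cleanup(*m_db);
        cleanup.step();
        m_db.reset();
        m_fileRemoved = true;
        return DeleteResult::RanCleanupStatement;
    }

    bool fileRemoved() const { return m_fileRemoved; }
private:
    std::unique_ptr<Handle> m_db;
    bool m_fileRemoved = false;
};

int main() {
    BackingStore store(true); // constructed case: inconsistent file
    store.open();
    bool fileOnly = store.deleteDatabase() == DeleteResult::RemovedFileOnly;
    std::printf("%s\n", fileOnly ? "file removed, no statement built" : "cleanup statement ran");
}
```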