diff options
| author | Selim Gurun <sgurun@google.com> | 2013-11-13 16:15:22 -0800 |
|---|---|---|
| committer | Selim Gurun <sgurun@google.com> | 2013-11-13 16:15:22 -0800 |
| commit | 597ff67b2a49a27fb1f55106020578e4f442d718 (patch) | |
| tree | 7952bb598424296dc31e419121c8ce40e60dcc6f | |
| parent | 3c29aaba6387dabc55557bbec39b59e1cb008484 (diff) | |
| download | chromium_org-597ff67b2a49a27fb1f55106020578e4f442d718.tar.gz | |
IndexedDB: Ignore duplicate transaction IDs sent by renderer
Bug: 11676314
This is a clean cherry pick from
https://codereview.chromium.org/24702002
Change-Id: Id55f0795064fe435ca8a1cde013ddd55c1ffac0a
| -rw-r--r-- | content/browser/indexed_db/indexed_db_database.cc | 4 | ||||
| -rw-r--r-- | content/browser/indexed_db/indexed_db_dispatcher_host.cc | 6 |
2 files changed, 9 insertions, 1 deletions
diff --git a/content/browser/indexed_db/indexed_db_database.cc b/content/browser/indexed_db/indexed_db_database.cc index 9eb577448d..d6f355d760 100644 --- a/content/browser/indexed_db/indexed_db_database.cc +++ b/content/browser/indexed_db/indexed_db_database.cc @@ -1630,6 +1630,9 @@ void IndexedDBDatabase::CreateTransaction( uint16 mode) { DCHECK(connections_.has(connection)); + DCHECK(transactions_.find(transaction_id) == transactions_.end()); + if (transactions_.find(transaction_id) != transactions_.end()) + return; scoped_refptr<IndexedDBTransaction> transaction = new IndexedDBTransaction( transaction_id, @@ -1637,7 +1640,6 @@ void IndexedDBDatabase::CreateTransaction( std::set<int64>(object_store_ids.begin(), object_store_ids.end()), static_cast<indexed_db::TransactionMode>(mode), this); - DCHECK(transactions_.find(transaction_id) == transactions_.end()); transactions_[transaction_id] = transaction; } diff --git a/content/browser/indexed_db/indexed_db_dispatcher_host.cc b/content/browser/indexed_db/indexed_db_dispatcher_host.cc index e926a9073d..047686743b 100644 --- a/content/browser/indexed_db/indexed_db_dispatcher_host.cc +++ b/content/browser/indexed_db/indexed_db_dispatcher_host.cc @@ -463,6 +463,12 @@ void IndexedDBDispatcherHost::DatabaseDispatcherHost::OnCreateTransaction( int64 host_transaction_id = parent_->HostTransactionId(params.transaction_id); + if (transaction_database_map_.find(host_transaction_id) != + transaction_database_map_.end()) { + DLOG(ERROR) << "Duplicate host_transaction_id."; + return; + } + connection->database()->CreateTransaction( host_transaction_id, connection, params.object_store_ids, params.mode); transaction_database_map_[host_transaction_id] = params.ipc_database_id; |