Last Comment Bug 392521 - Automatic shared db update fails if user opens database R/W but never supplies a password
: Automatic shared db update fails if user opens database R/W but never supplie...
Status: RESOLVED FIXED
:
Product: NSS
Classification: Components
Component: Libraries (show other bugs)
: trunk
: x86 Linux
: -- normal (vote)
: 3.12
Assigned To: Robert Relyea
:
Mentors:
Depends on:
Blocks: 217538
  Show dependency treegraph
 
Reported: 2007-08-16 17:04 PDT by Robert Relyea
Modified: 2007-09-12 13:19 PDT (History)
0 users
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---


Attachments
Detect the case where the database was created, but never updated. (1.10 KB, patch)
2007-08-20 12:00 PDT, Robert Relyea
alvolkov.bgs: review-
Details | Diff | Review
Version 2: Detect the case where the database was created, but never updated. (1.09 KB, patch)
2007-09-11 17:42 PDT, Robert Relyea
alvolkov.bgs: review+
Details | Diff | Review

Description Robert Relyea 2007-08-16 17:04:11 PDT
If you open a new shared library database, with an old dbm database in the same directory, NSS will attempt to update  the new shared library database from the old database, however a password is required to complete the update.

If the application fails to supply the password while it's running and closes down, the next time the application opens the database it will open the new empty shared library database.

SDB needs to return needUpdate true for any these empty databases just like it does for new databases.
Comment 1 Robert Relyea 2007-08-20 12:00:22 PDT
Created attachment 277420 [details] [diff] [review]
Detect the case where the database was created, but never updated.

the meta data table is created when the database is initialized or updated to hold the password record. Currently the meta data table is only in the key db. If there is no key db, then update happens immediately after the first open.

alexei, if you are overloaded, feel free to bounce this review to someone else.

Thanks,

bob
Comment 2 Alexei Volkov 2007-09-10 11:39:49 PDT
Comment on attachment 277420 [details] [diff] [review]
Detect the case where the database was created, but never updated.

r- mostly because of dereferencing of a pointer to NULL(sdb_p). 

What does "metaData" table exist for?

I also would like to read more about sqlite db to understand how they control table creating and data sharing between processes.
Comment 3 Robert Relyea 2007-09-10 15:33:35 PDT
egad, I'm wondering why that didn't crash in my tests now!

metaData table exists to store the password check record and authentication macs.
It's created as the last step of a transaction when initializing the database.

sqlite3 supports transaction logs and critical interprocess locking to provide coherency.

bob
Comment 4 Robert Relyea 2007-09-11 17:42:11 PDT
Created attachment 280534 [details] [diff] [review]
Version 2: Detect the case where the database was created, but never updated.

OK, this one doesn't crash.
Comment 5 Alexei Volkov 2007-09-12 10:27:50 PDT
Comment on attachment 280534 [details] [diff] [review]
Version 2: Detect the case where the database was created, but never updated.

Bob, could expend the comment explaining, why we only care about key DB(type  == SDB_KEY) in this block of code. thx
Comment 6 Robert Relyea 2007-09-12 13:19:26 PDT
Checked in with expanded comment.

Checking in sdb.c;
/cvsroot/mozilla/security/nss/lib/softoken/sdb.c,v  <--  sdb.c
new revision: 1.4; previous revision: 1.3
done

Note You need to log in before you can comment on or make changes to this bug.