Remove VfsBackend::FileTypeIs{Journal,MainDB}

content/browser/renderer_host/database_message_filter.cc

Index: content/browser/renderer_host/database_message_filter.cc
diff --git a/content/browser/renderer_host/database_message_filter.cc b/content/browser/renderer_host/database_message_filter.cc
index becce16eb95ebbea523417776e8f98d69bf1e629..80c7cfadaf8f6f04a9d3e3d15ed664339fc3be1d 100644
--- a/content/browser/renderer_host/database_message_filter.cc
+++ b/content/browser/renderer_host/database_message_filter.cc
@@ -170,9 +170,7 @@ void DatabaseMessageFilter::OnDatabaseOpenFile(const string16& vfs_file_name,
             VfsBackend::OpenFile(db_file,
                                  desired_flags | SQLITE_OPEN_DELETEONCLOSE,
                                  &file_handle);
-            if (VfsBackend::FileTypeIsMainDB(desired_flags) ||
-                VfsBackend::FileTypeIsJournal(desired_flags))

[Scott Hess - ex-Googler, 2011/07/27 17:31:38]

I took this code to mean that it was whitelisting the things that could
specifically be opened, in case there were other things which shouldn't be
allowed.  AFAICT this would be SQLITE_OPEN_TEMP_DB or SQLITE_OPEN_TRANSIENT_DB.

Though I'm not entirely clear why the test would be after OpenFile() if that was
important.  Just wanted to point it out, in case there are security
considerations or something, here.

[Paweł Hajdan Jr., 2011/07/27 17:54:45]

Thank you for looking. My reasoning is as follows: desired_flags come from the
renderer. A compromised renderer could pass any flags that would pass our checks
here, so I don't think they're security-related.

[michaeln, 2011/07/28 19:32:20]

It's not a security-related, just an attempt to reduce the number of handles the
tracker holds open. In looking at this again, i think this test should be
modified rather than removed...

if (!(desired_flags &  SQLITE_OPEN_DELETEONCLOSE))
  SaveIncognitoFileHandle();

[Paweł Hajdan Jr., 2011/07/29 21:06:34]

When switching to sqlite hooks the way I planned we won't have sqlite flags in
desired_flags. On POSIX, those would be open flags.

Furthermore, in this "if" branch we're forcing SQLITE_OPEN_DELETEONCLOSE anyway
(in the call to VfsBackend::OpenFile).

[michaeln, 2011/07/30 17:53:07]

That change isn't this change. Right now we have the SQLITE_XXX flags to work
with.
Yes we do, and also call SaveInconotoFileHandle to ensure they're not deleted
until the incognito session ends. If the renderer expclitly requests
DELETE_ON_CLOSE, when the renderer closes the handle, the file should be
deleted. For that to happen we can't be stashing another open handle on the
browser side.

Line 171 doesn't alter the value of the caller's desired_flags param. If the
caller said DELETE_ON_CLOSE, we shouldn't save the open handle.

-              db_tracker_->SaveIncognitoFileHandle(vfs_file_name, file_handle);
+            db_tracker_->SaveIncognitoFileHandle(vfs_file_name, file_handle);
           }
         } else {
           VfsBackend::OpenFile(db_file, desired_flags, &file_handle);