components/signin/core/browser/webdata/token_service_table.cc - Issue 2672603003: Avoid loading an empty token when decrypt failed

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: components/signin/core/browser/webdata/token_service_table.cc

Issue 2672603003: Avoid loading an empty token when decrypt failed (Closed)

Patch Set: Fix compile Created 3 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: components/signin/core/browser/webdata/token_service_table.cc

diff --git a/components/signin/core/browser/webdata/token_service_table.cc b/components/signin/core/browser/webdata/token_service_table.cc

index d1ccb08da294425c9bd1aa0e34cd5f46088ef0bb..9333ba74cac8d5fc204dc5650b07b67aeb0e79a7 100644

--- a/components/signin/core/browser/webdata/token_service_table.cc

+++ b/components/signin/core/browser/webdata/token_service_table.cc

@@ -8,6 +8,7 @@

#include <string>

#include "base/logging.h"

+#include "base/metrics/user_metrics.h"

#include "components/os_crypt/os_crypt.h"

#include "components/webdata/common/web_database.h"

#include "sql/statement.h"

@@ -93,8 +94,12 @@ bool TokenServiceTable::GetAllTokens(

sql::Statement s(db_->GetUniqueStatement(

"SELECT service, encrypted_token FROM token_service"));

- if (!s.is_valid())

+ if (!s.is_valid()) {

+ LOG(ERROR) << "Failed to load tokens (invalid SQL statement).";

+ base::RecordAction(

+ base::UserMetricsAction("Signin_TokenTable_GetAllTokensInvalidSql"));

Alexei Svitkine (slow) 2017/02/02 17:22:13 These don't look like actions initiated by a user.

msarda 2017/02/06 10:36:47 Done.

return false;

+ }

while (s.Step()) {

std::string encrypted_token;

@@ -104,10 +109,20 @@ bool TokenServiceTable::GetAllTokens(

bool entry_ok = !service.empty() &&

s.ColumnBlobAsString(1, &encrypted_token);

if (entry_ok) {

- OSCrypt::DecryptString(encrypted_token, &decrypted_token);

- (*tokens)[service] = decrypted_token;

+ if (OSCrypt::DecryptString(encrypted_token, &decrypted_token)) {

+ (*tokens)[service] = decrypted_token;

+ base::RecordAction(

+ base::UserMetricsAction("Signin_TokenTable_LoadTokenSuccess"));

+ } else {

+ // Chrome relies on native APIs to encrypt and decrypt the tokens which

+ // may fail (see http://crbug.com/686485).

+ LOG(ERROR) << "Failed to decrypt token for service " << service;

+ base::RecordAction(

+ base::UserMetricsAction("Signin_TokenTable_DecryptFailed"));

+ }

} else {

- NOTREACHED();

+ LOG(ERROR) << "Bad token entry for service " << service;

+ base::RecordAction(base::UserMetricsAction("Signin_TokenTable_BadEntry"));

return false;

}

« no previous file with comments | « chrome/browser/signin/mutable_profile_oauth2_token_service_delegate.cc ('k') | tools/metrics/actions/actions.xml » ('j') | no next file with comments »