Chromium Code Reviews Chromium Code Reviews
Issue 493123002:
Track empty username and password in PasswordStore. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/password_manager/core/browser/login_database.h" | 5 #include "components/password_manager/core/browser/login_database.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <limits> | 8 #include <limits> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| 11 #include "base/debug/dump_without_crashing.h" | |
| 11 #include "base/files/file_path.h" | 12 #include "base/files/file_path.h" |
| 12 #include "base/logging.h" | 13 #include "base/logging.h" |
| 13 #include "base/metrics/histogram.h" | 14 #include "base/metrics/histogram.h" |
| 14 #include "base/pickle.h" | 15 #include "base/pickle.h" |
| 15 #include "base/strings/string_util.h" | 16 #include "base/strings/string_util.h" |
| 16 #include "base/time/time.h" | 17 #include "base/time/time.h" |
| 17 #include "components/autofill/core/common/password_form.h" | 18 #include "components/autofill/core/common/password_form.h" |
| 18 #include "google_apis/gaia/gaia_auth_util.h" | 19 #include "google_apis/gaia/gaia_auth_util.h" |
| 19 #include "google_apis/gaia/gaia_urls.h" | 20 #include "google_apis/gaia/gaia_urls.h" |
| 20 #include "sql/connection.h" | 21 #include "sql/connection.h" |
| (...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 102 form_data_pickle.size()); | 103 form_data_pickle.size()); |
| 103 s->BindInt(COLUMN_USE_ADDITIONAL_AUTH, form.use_additional_authentication); | 104 s->BindInt(COLUMN_USE_ADDITIONAL_AUTH, form.use_additional_authentication); |
| 104 s->BindInt64(COLUMN_DATE_SYNCED, form.date_synced.ToInternalValue()); | 105 s->BindInt64(COLUMN_DATE_SYNCED, form.date_synced.ToInternalValue()); |
| 105 } | 106 } |
| 106 | 107 |
| 107 void AddCallback(int err, sql::Statement* /*stmt*/) { | 108 void AddCallback(int err, sql::Statement* /*stmt*/) { |
| 108 if (err == 19 /*SQLITE_CONSTRAINT*/) | 109 if (err == 19 /*SQLITE_CONSTRAINT*/) |
| 109 DLOG(WARNING) << "LoginDatabase::AddLogin updated an existing form"; | 110 DLOG(WARNING) << "LoginDatabase::AddLogin updated an existing form"; |
| 110 } | 111 } |
| 111 | 112 |
| 113 // http://crbug.com/404012. Let's see where the empty fields come from. | |
| 114 void CheckEmptyUsernameAndPassword(const PasswordForm& form) { | |
|
Ilya Sherman
2014/08/22 03:54:29
nit: "Check" -> "CheckFor"
vasilii
2014/08/22 09:32:25
Done.
| |
| 115 if (form.username_value.empty() && form.password_value.empty()) | |
| 116 base::debug::DumpWithoutCrashing(); | |
|
Ilya Sherman
2014/08/22 03:54:29
I don't really know how this code works. Accordin
vasilii
2014/08/22 09:32:25
This callback is a platform dependent Breakpad met
| |
| 117 } | |
| 118 | |
| 112 } // namespace | 119 } // namespace |
| 113 | 120 |
| 114 LoginDatabase::LoginDatabase() { | 121 LoginDatabase::LoginDatabase() { |
| 115 } | 122 } |
| 116 | 123 |
| 117 LoginDatabase::~LoginDatabase() { | 124 LoginDatabase::~LoginDatabase() { |
| 118 } | 125 } |
| 119 | 126 |
| 120 bool LoginDatabase::Init(const base::FilePath& db_path) { | 127 bool LoginDatabase::Init(const base::FilePath& db_path) { |
| 121 // Set pragmas for a small, private database (based on WebDatabase). | 128 // Set pragmas for a small, private database (based on WebDatabase). |
| (...skipping 202 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 324 break; | 331 break; |
| 325 } | 332 } |
| 326 } | 333 } |
| 327 } | 334 } |
| 328 UMA_HISTOGRAM_ENUMERATION("PasswordManager.SyncingAccountState", | 335 UMA_HISTOGRAM_ENUMERATION("PasswordManager.SyncingAccountState", |
| 329 2 * sync_username.empty() + syncing_account_saved, | 336 2 * sync_username.empty() + syncing_account_saved, |
| 330 4); | 337 4); |
| 331 } | 338 } |
| 332 | 339 |
| 333 PasswordStoreChangeList LoginDatabase::AddLogin(const PasswordForm& form) { | 340 PasswordStoreChangeList LoginDatabase::AddLogin(const PasswordForm& form) { |
| 341 CheckEmptyUsernameAndPassword(form); | |
| 334 PasswordStoreChangeList list; | 342 PasswordStoreChangeList list; |
| 335 std::string encrypted_password; | 343 std::string encrypted_password; |
| 336 if (EncryptedString(form.password_value, &encrypted_password) != | 344 if (EncryptedString(form.password_value, &encrypted_password) != |
| 337 ENCRYPTION_RESULT_SUCCESS) | 345 ENCRYPTION_RESULT_SUCCESS) |
| 338 return list; | 346 return list; |
| 339 | 347 |
| 340 // You *must* change LoginTableColumns if this query changes. | 348 // You *must* change LoginTableColumns if this query changes. |
| 341 sql::Statement s(db_.GetCachedStatement(SQL_FROM_HERE, | 349 sql::Statement s(db_.GetCachedStatement(SQL_FROM_HERE, |
| 342 "INSERT INTO logins " | 350 "INSERT INTO logins " |
| 343 "(origin_url, action_url, username_element, username_value, " | 351 "(origin_url, action_url, username_element, username_value, " |
| (...skipping 21 matching lines...) Expand all Loading... | |
| 365 "(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)")); | 373 "(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)")); |
| 366 BindAddStatement(form, encrypted_password, &s); | 374 BindAddStatement(form, encrypted_password, &s); |
| 367 if (s.Run()) { | 375 if (s.Run()) { |
| 368 list.push_back(PasswordStoreChange(PasswordStoreChange::REMOVE, form)); | 376 list.push_back(PasswordStoreChange(PasswordStoreChange::REMOVE, form)); |
| 369 list.push_back(PasswordStoreChange(PasswordStoreChange::ADD, form)); | 377 list.push_back(PasswordStoreChange(PasswordStoreChange::ADD, form)); |
| 370 } | 378 } |
| 371 return list; | 379 return list; |
| 372 } | 380 } |
| 373 | 381 |
| 374 PasswordStoreChangeList LoginDatabase::UpdateLogin(const PasswordForm& form) { | 382 PasswordStoreChangeList LoginDatabase::UpdateLogin(const PasswordForm& form) { |
| 383 CheckEmptyUsernameAndPassword(form); | |
| 375 std::string encrypted_password; | 384 std::string encrypted_password; |
| 376 if (EncryptedString(form.password_value, &encrypted_password) != | 385 if (EncryptedString(form.password_value, &encrypted_password) != |
| 377 ENCRYPTION_RESULT_SUCCESS) | 386 ENCRYPTION_RESULT_SUCCESS) |
| 378 return PasswordStoreChangeList(); | 387 return PasswordStoreChangeList(); |
| 379 | 388 |
| 380 // Replacement is necessary to deal with updating imported credentials. See | 389 // Replacement is necessary to deal with updating imported credentials. See |
| 381 // crbug.com/349138 for details. | 390 // crbug.com/349138 for details. |
| 382 sql::Statement s(db_.GetCachedStatement(SQL_FROM_HERE, | 391 sql::Statement s(db_.GetCachedStatement(SQL_FROM_HERE, |
| 383 "UPDATE OR REPLACE logins SET " | 392 "UPDATE OR REPLACE logins SET " |
| 384 "action_url = ?, " | 393 "action_url = ?, " |
| (...skipping 338 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 723 | 732 |
| 724 bool LoginDatabase::DeleteAndRecreateDatabaseFile() { | 733 bool LoginDatabase::DeleteAndRecreateDatabaseFile() { |
| 725 DCHECK(db_.is_open()); | 734 DCHECK(db_.is_open()); |
| 726 meta_table_.Reset(); | 735 meta_table_.Reset(); |
| 727 db_.Close(); | 736 db_.Close(); |
| 728 sql::Connection::Delete(db_path_); | 737 sql::Connection::Delete(db_path_); |
| 729 return Init(db_path_); | 738 return Init(db_path_); |
| 730 } | 739 } |
| 731 | 740 |
| 732 } // namespace password_manager | 741 } // namespace password_manager |
| OLD | NEW |
