| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/password_manager/core/browser/login_database.h" | 5 #include "components/password_manager/core/browser/login_database.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <limits> | 8 #include <limits> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 100 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 111 s->BindString(COLUMN_AVATAR_URL, form.avatar_url.spec()); | 111 s->BindString(COLUMN_AVATAR_URL, form.avatar_url.spec()); |
| 112 s->BindString(COLUMN_FEDERATION_URL, form.federation_url.spec()); | 112 s->BindString(COLUMN_FEDERATION_URL, form.federation_url.spec()); |
| 113 s->BindInt(COLUMN_IS_ZERO_CLICK, form.is_zero_click); | 113 s->BindInt(COLUMN_IS_ZERO_CLICK, form.is_zero_click); |
| 114 } | 114 } |
| 115 | 115 |
| 116 void AddCallback(int err, sql::Statement* /*stmt*/) { | 116 void AddCallback(int err, sql::Statement* /*stmt*/) { |
| 117 if (err == 19 /*SQLITE_CONSTRAINT*/) | 117 if (err == 19 /*SQLITE_CONSTRAINT*/) |
| 118 DLOG(WARNING) << "LoginDatabase::AddLogin updated an existing form"; | 118 DLOG(WARNING) << "LoginDatabase::AddLogin updated an existing form"; |
| 119 } | 119 } |
| 120 | 120 |
| 121 bool DoesMatchConstraints(const PasswordForm& form) { |
| 122 if (form.origin.is_empty()) { |
| 123 DLOG(ERROR) << "Constraint violation: form.origin is empty"; |
| 124 return false; |
| 125 } |
| 126 if (form.signon_realm.empty()) { |
| 127 DLOG(ERROR) << "Constraint violation: form.signon_realm is empty"; |
| 128 return false; |
| 129 } |
| 130 return true; |
| 131 } |
| 132 |
| 121 // UMA_* macros assume that the name never changes. This is a helper function | 133 // UMA_* macros assume that the name never changes. This is a helper function |
| 122 // where this assumption doesn't hold. | 134 // where this assumption doesn't hold. |
| 123 void LogDynamicUMAStat(const std::string& name, | 135 void LogDynamicUMAStat(const std::string& name, |
| 124 int sample, | 136 int sample, |
| 125 int min, | 137 int min, |
| 126 int max, | 138 int max, |
| 127 int bucket_size) { | 139 int bucket_size) { |
| 128 base::HistogramBase* counter = base::Histogram::FactoryGet( | 140 base::HistogramBase* counter = base::Histogram::FactoryGet( |
| 129 name, | 141 name, |
| 130 min, | 142 min, |
| (...skipping 292 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 423 } | 435 } |
| 424 } | 436 } |
| 425 } | 437 } |
| 426 UMA_HISTOGRAM_ENUMERATION("PasswordManager.SyncingAccountState", | 438 UMA_HISTOGRAM_ENUMERATION("PasswordManager.SyncingAccountState", |
| 427 2 * sync_username.empty() + syncing_account_saved, | 439 2 * sync_username.empty() + syncing_account_saved, |
| 428 4); | 440 4); |
| 429 } | 441 } |
| 430 | 442 |
| 431 PasswordStoreChangeList LoginDatabase::AddLogin(const PasswordForm& form) { | 443 PasswordStoreChangeList LoginDatabase::AddLogin(const PasswordForm& form) { |
| 432 PasswordStoreChangeList list; | 444 PasswordStoreChangeList list; |
| 445 if (!DoesMatchConstraints(form)) |
| 446 return list; |
| 433 std::string encrypted_password; | 447 std::string encrypted_password; |
| 434 if (EncryptedString(form.password_value, &encrypted_password) != | 448 if (EncryptedString(form.password_value, &encrypted_password) != |
| 435 ENCRYPTION_RESULT_SUCCESS) | 449 ENCRYPTION_RESULT_SUCCESS) |
| 436 return list; | 450 return list; |
| 437 | 451 |
| 438 // You *must* change LoginTableColumns if this query changes. | 452 // You *must* change LoginTableColumns if this query changes. |
| 439 sql::Statement s(db_.GetCachedStatement(SQL_FROM_HERE, | 453 sql::Statement s(db_.GetCachedStatement(SQL_FROM_HERE, |
| 440 "INSERT INTO logins " | 454 "INSERT INTO logins " |
| 441 "(origin_url, action_url, username_element, username_value, " | 455 "(origin_url, action_url, username_element, username_value, " |
| 442 " password_element, password_value, submit_element, " | 456 " password_element, password_value, submit_element, " |
| (...skipping 400 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 843 | 857 |
| 844 bool LoginDatabase::DeleteAndRecreateDatabaseFile() { | 858 bool LoginDatabase::DeleteAndRecreateDatabaseFile() { |
| 845 DCHECK(db_.is_open()); | 859 DCHECK(db_.is_open()); |
| 846 meta_table_.Reset(); | 860 meta_table_.Reset(); |
| 847 db_.Close(); | 861 db_.Close(); |
| 848 sql::Connection::Delete(db_path_); | 862 sql::Connection::Delete(db_path_); |
| 849 return Init(db_path_); | 863 return Init(db_path_); |
| 850 } | 864 } |
| 851 | 865 |
| 852 } // namespace password_manager | 866 } // namespace password_manager |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 842163002:
LoginDatabase::AddLogin should handle correctly incorrect input. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master