Bug 419751: Implement a safebrowsing protocol command to reset the db. r=tony, a1.9b4=beltzner

toolkit/components/url-classifier/src/nsUrlClassifierDBService.cpp

@@ -1124,6 +1124,8 @@ private:
 
   PRInt32 mUpdateWait;
 
+  PRBool mResetRequested;
+
   enum {
     STATE_LINE,
     STATE_CHUNK
@@ -1187,6 +1189,7 @@ NS_IMPL_THREADSAFE_ISUPPORTS1(nsUrlClassifierDBServiceWorker,
 
 nsUrlClassifierDBServiceWorker::nsUrlClassifierDBServiceWorker()
   : mUpdateWait(0)
+  , mResetRequested(PR_FALSE)
   , mState(STATE_LINE)
   , mChunkType(CHUNK_ADD)
   , mChunkNum(0)
@@ -2487,6 +2490,8 @@ nsUrlClassifierDBServiceWorker::ProcessResponseLines(PRBool* done)
         LOG(("Error parsing n: field: %s", PromiseFlatCString(line).get()));
         mUpdateWait = 0;
       }
+    } else if (line.EqualsLiteral("r:pleasereset")) {
+      mResetRequested = PR_TRUE;
     } else if (line.EqualsLiteral("e:pleaserekey")) {
       mUpdateObserver->RekeyRequested();
     } else if (StringBeginsWith(line, NS_LITERAL_CSTRING("i:"))) {
@@ -2611,6 +2616,7 @@ nsUrlClassifierDBServiceWorker::ResetUpdate()
   mUpdateStatus = NS_OK;
   mUpdateObserver = nsnull;
   mUpdateClientKey.Truncate();
+  mResetRequested = PR_FALSE;
 }
 
 NS_IMETHODIMP
@@ -2849,14 +2855,25 @@ nsUrlClassifierDBServiceWorker::FinishUpdate()
     mUpdateObserver->UpdateError(mUpdateStatus);
   }
 
+  // ResetUpdate() clears mResetRequested...
+  PRBool resetRequested = mResetRequested;
+
   ResetUpdate();
 
+  // It's important that we only reset the database if the update was
+  // successful, otherwise unauthenticated updates could cause a
+  // database reset.
+  if (NS_SUCCEEDED(mUpdateStatus) && resetRequested) {
+    ResetDatabase();
+  }
+
   return NS_OK;
 }
 
 NS_IMETHODIMP
 nsUrlClassifierDBServiceWorker::ResetDatabase()
 {
+  LOG(("nsUrlClassifierDBServiceWorker::ResetDatabase [%p]", this));
   ClearCachedChunkLists();
 
   nsresult rv = CloseDb();

toolkit/components/url-classifier/tests/unit/test_streamupdater.js

@@ -386,6 +386,34 @@ function testRekey() {
   doTest([update], assertions, true, gClientKey);
 }
 
+// Tests a database reset request.
+function testReset() {
+  var addUrls1 = [ "foo.com/a", "foo.com/b" ];
+  var update1 = buildPhishingUpdate(
+    [
+      { "chunkNum" : 1,
+        "urls" : addUrls1
+      }]);
+
+  var update2 = "n:1000\nr:pleasereset\n";
+
+  var addUrls3 = [ "bar.com/a", "bar.com/b" ];
+  var update3 = buildPhishingUpdate(
+    [
+      { "chunkNum" : 3,
+        "urls" : addUrls3
+      }]);
+
+  var assertions = {
+    "tableData" : "test-phish-simple;a:3",
+    "urlsExist" : addUrls3,
+    "urlsDontExist" : addUrls1
+  };
+
+  doTest([update1, update2, update3], assertions, false);
+}
+
+
 function run_test()
 {
   runTests([
@@ -401,6 +429,7 @@ function run_test()
     testInvalidForwardMAC,
     testNoForwardMAC,
     testRekey,
+    testReset,
   ]);
 }