New issue
Advanced search Search tips

Issue 870662 link

Starred by 3 users

Issue metadata

Status: Available
Owner: ----
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 1
Type: Bug



Sign in to add a comment

IdentityManager should maintain stacks of pending informations for firing token updated and removed notifications

Project Member Reported by blundell@chromium.org, Aug 3

Issue description

https://chromium-review.googlesource.com/c/chromium/src/+/1152731 fixed a bug wherein IdentityManager was notifying its observers too early of token updated and removal events (for full context, see that bug). However, the fix has a theoretical hole:
- If an observer of one of the token updated/removed notifications (either for IdentityManager or for ProfileOAuth2TokenService) itself causes a refresh token to be updated/revoked, IdentityManager::WillFireOnRefreshToken*() will get invoked in a re-entrant fashion and its pending state will get clobbered.
- In this case, there would be two queued callbacks for IdentityManager::OnRefreshTokenAvailable() [or Revoked() as relevant]. The second one of these would crash because it would index into null state.

Mihai and I believe that this concern *is* theoretical. However, it should be fixed by having IdentityManager maintain a stack of pending information rather than a single variable.
 
Components: Internals>Services>Identity

Sign in to add a comment