diff options
author | zxu <zxu@google.com> | 2018-03-09 11:48:07 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-03-09 11:48:07 -0500 |
commit | e41f4b1857e13c223d8a639329cc784d603ac66e (patch) | |
tree | c92e39372d3df18fc637b3dcc7d8a89c3cbbda93 /Firestore/Source/Remote/FSTDatastore.mm | |
parent | 2ae36f1e9671b40723dd06462b4a416e4baa5a57 (diff) |
Merge Release 4.10.1 into Master (#896)
* Version bumps for Firebase 4.10.1 (#891)
* Minimal fix for b/74357976 (#890)
Fixes b/74357976 which caused unauthenticated users to be unable to reach the Firestore backend and updates the changelog.
* Copy all C++ strings to NSString where they're not obviously safe (#893)
This fixes a known instances of memory corruption where in
FSTLevelDBMutationQueue, the NSString view was retained for later, and
the incorrect user was used, causing b/74381054.
gRPC does not necessarily copy its string argumnets and if our hostname
were configured to a non-default one it's possible that we could corrupt
the host cache too.
All remaining usages of util::WrapNSStringNoCopy are obviously safe:
passed into logging or other known transient usages.
* fix lint
Diffstat (limited to 'Firestore/Source/Remote/FSTDatastore.mm')
-rw-r--r-- | Firestore/Source/Remote/FSTDatastore.mm | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/Firestore/Source/Remote/FSTDatastore.mm b/Firestore/Source/Remote/FSTDatastore.mm index cb4516e..3b536ab 100644 --- a/Firestore/Source/Remote/FSTDatastore.mm +++ b/Firestore/Source/Remote/FSTDatastore.mm @@ -97,7 +97,7 @@ typedef GRPCProtoCall * (^RPCFactory)(void); credentials:(CredentialsProvider *)credentials { if (self = [super init]) { _databaseInfo = databaseInfo; - NSString *host = util::WrapNSStringNoCopy(databaseInfo->host()); + NSString *host = util::WrapNSString(databaseInfo->host()); if (!databaseInfo->ssl_enabled()) { GRPCHost *hostConfig = [GRPCHost hostWithAddress:host]; hostConfig.secure = NO; @@ -319,7 +319,8 @@ typedef GRPCProtoCall * (^RPCFactory)(void); [FSTDatastore prepareHeadersForRPC:rpc databaseID:&self.databaseInfo->database_id() - token:(result.is_valid() ? result.token() : absl::string_view())]; + token:(result.user().is_authenticated() ? result.token() + : absl::string_view())]; [rpc start]; } }]; |