Remove corrupt data from sync worker's encrypted update queue

If decrypting an update fails despite CanDecrypt() returning true, it's
safe to assume the data is corrupted. Hence, let's drop such update and
prevent the worker's update queue from being blocked indefinitely.

Bug: 873902
Change-Id: I01bc8271d2e1daa961f3136d8b5a21d4ecde1ced
Reviewed-on: https://chromium-review.googlesource.com/c/1341531Reviewed-by: Mohamed Amir Yosef <mamir@chromium.org>
Commit-Queue: Mikel Astiz <mastiz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#609267}

components/sync/engine_impl/model_type_worker.cc

@@ -571,11 +571,18 @@ void ModelTypeWorker::DecryptStoredEntities() {
       specifics = data->specifics;
     } else {
       DCHECK(data->specifics.has_encrypted());
-      if (!cryptographer_->CanDecrypt(data->specifics.encrypted()) ||
-          !DecryptSpecifics(*cryptographer_, data->specifics, &specifics)) {
+      if (!cryptographer_->CanDecrypt(data->specifics.encrypted())) {
         ++it;
         continue;
       }
+
+      if (!DecryptSpecifics(*cryptographer_, data->specifics, &specifics)) {
+        // Decryption error should be permanent (e.g. corrupt data), since
+        // CanDecrypt() above claims decryption keys are up-to-date. Let's
+        // ignore this update to avoid blocking other updates.
+        it = entries_pending_decryption_.erase(it);
+        continue;
+      }
     }
 
     UpdateResponseData decrypted_update;