- Flip the flag for improved SafeBrowsing downoad protection.

chrome/browser/safe_browsing/download_protection_service_unittest.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/safe_browsing/download_protection_service.h"
 
 #include <map>
 #include <string>
 
 #include "base/bind.h"
@@ skipping 172 matching lines @@
         BrowserThread::UI,
         FROM_HERE,
         base::Bind(&DownloadProtectionServiceTest::PostRunMessageLoopTask,
                    base::Unretained(this), thread));
     msg_loop_.Run();
   }
 
  public:
   void CheckDoneCallback(
       DownloadProtectionService::DownloadCheckResult result) {
-    result_ = result;
+    result_.reset(new DownloadProtectionService::DownloadCheckResult(result));
     msg_loop_.Quit();
   }
 
   void SendURLFetchComplete(TestURLFetcher* fetcher) {
     fetcher->delegate()->OnURLFetchComplete(fetcher);
   }
 
+  void ExpectResult(DownloadProtectionService::DownloadCheckResult expected) {
+    ASSERT_TRUE(result_.get());
+    EXPECT_EQ(expected, *result_);
+  }
+
  protected:
   scoped_refptr<MockSafeBrowsingService> sb_service_;
   scoped_refptr<MockSignatureUtil> signature_util_;
   DownloadProtectionService* download_service_;
   MessageLoop msg_loop_;
-  DownloadProtectionService::DownloadCheckResult result_;
+  scoped_ptr<DownloadProtectionService::DownloadCheckResult> result_;
   scoped_ptr<content::TestBrowserThread> io_thread_;
   scoped_ptr<content::TestBrowserThread> file_thread_;
   scoped_ptr<content::TestBrowserThread> ui_thread_;
 };
 
 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadInvalidUrl) {
   DownloadProtectionService::DownloadInfo info;
   download_service_->CheckClientDownload(
       info,
       base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
                  base::Unretained(this)));
   msg_loop_.Run();
-  EXPECT_EQ(DownloadProtectionService::SAFE, result_);
+  ExpectResult(DownloadProtectionService::SAFE);
 
   // Only https is not supported for now for privacy reasons.
   info.local_file = FilePath(FILE_PATH_LITERAL("a.tmp"));
   info.target_file = FilePath(FILE_PATH_LITERAL("a.exe"));
   info.download_url_chain.push_back(GURL("https://www.google.com/"));
   download_service_->CheckClientDownload(
       info,
       base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
                  base::Unretained(this)));
   msg_loop_.Run();
-  EXPECT_EQ(DownloadProtectionService::SAFE, result_);
+  ExpectResult(DownloadProtectionService::SAFE);
 }
 
 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadWhitelistedUrl) {
   DownloadProtectionService::DownloadInfo info;
   info.local_file = FilePath(FILE_PATH_LITERAL("a.tmp"));
   info.target_file = FilePath(FILE_PATH_LITERAL("a.exe"));
   info.download_url_chain.push_back(GURL("http://www.evil.com/bla.exe"));
   info.download_url_chain.push_back(GURL("http://www.google.com/a.exe"));
   info.referrer_url = GURL("http://www.google.com/");
 
   EXPECT_CALL(*sb_service_, MatchDownloadWhitelistUrl(_))
       .WillRepeatedly(Return(false));
   EXPECT_CALL(*sb_service_,
               MatchDownloadWhitelistUrl(GURL("http://www.google.com/a.exe")))
       .WillRepeatedly(Return(true));
   EXPECT_CALL(*signature_util_, CheckSignature(info.local_file, _)).Times(2);
 
   download_service_->CheckClientDownload(
       info,
       base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
                  base::Unretained(this)));
   msg_loop_.Run();
-  EXPECT_EQ(DownloadProtectionService::SAFE, result_);
+  ExpectResult(DownloadProtectionService::SAFE);
 
   // Check that the referrer is matched against the whitelist.
   info.download_url_chain.pop_back();
   info.referrer_url = GURL("http://www.google.com/a.exe");
   download_service_->CheckClientDownload(
       info,
       base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
                  base::Unretained(this)));
   msg_loop_.Run();
-  EXPECT_EQ(DownloadProtectionService::SAFE, result_);
+  ExpectResult(DownloadProtectionService::SAFE);
 }
 
 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadFetchFailed) {
   FakeURLFetcherFactory factory;
   // HTTP request will fail.
   factory.SetFakeResponse(
       DownloadProtectionService::kDownloadRequestUrl, "", false);
 
   DownloadProtectionService::DownloadInfo info;
   info.local_file = FilePath(FILE_PATH_LITERAL("a.tmp"));
   info.target_file = FilePath(FILE_PATH_LITERAL("a.exe"));
   info.download_url_chain.push_back(GURL("http://www.evil.com/a.exe"));
   info.referrer_url = GURL("http://www.google.com/");
 
   EXPECT_CALL(*sb_service_, MatchDownloadWhitelistUrl(_))
       .WillRepeatedly(Return(false));
   EXPECT_CALL(*signature_util_, CheckSignature(info.local_file, _));
 
   download_service_->CheckClientDownload(
       info,
       base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
                  base::Unretained(this)));
   msg_loop_.Run();
-  EXPECT_EQ(DownloadProtectionService::SAFE, result_);
+  ExpectResult(DownloadProtectionService::SAFE);
 }
 
 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadSuccess) {
   ClientDownloadResponse response;
   response.set_verdict(ClientDownloadResponse::SAFE);
   FakeURLFetcherFactory factory;
   // Empty response means SAFE.
   factory.SetFakeResponse(
       DownloadProtectionService::kDownloadRequestUrl,
       response.SerializeAsString(),
       true);
 
   DownloadProtectionService::DownloadInfo info;
   info.local_file = FilePath(FILE_PATH_LITERAL("a.tmp"));
   info.target_file = FilePath(FILE_PATH_LITERAL("a.exe"));
   info.download_url_chain.push_back(GURL("http://www.evil.com/a.exe"));
   info.referrer_url = GURL("http://www.google.com/");
 
   EXPECT_CALL(*sb_service_, MatchDownloadWhitelistUrl(_))
       .WillRepeatedly(Return(false));
   EXPECT_CALL(*signature_util_, CheckSignature(info.local_file, _)).Times(3);
 
   download_service_->CheckClientDownload(
       info,
       base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
                  base::Unretained(this)));
   msg_loop_.Run();
-  EXPECT_EQ(DownloadProtectionService::SAFE, result_);
+  ExpectResult(DownloadProtectionService::SAFE);
 
   // Invalid response should be safe too.
   response.Clear();
   factory.SetFakeResponse(
       DownloadProtectionService::kDownloadRequestUrl,
       response.SerializePartialAsString(),
       true);
 
   download_service_->CheckClientDownload(
       info,
       base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
                  base::Unretained(this)));
   msg_loop_.Run();
-  EXPECT_EQ(DownloadProtectionService::SAFE, result_);
+  ExpectResult(DownloadProtectionService::SAFE);
 
   // If the response is dangerous the result should also be marked as dangerous.
   response.set_verdict(ClientDownloadResponse::DANGEROUS);
   factory.SetFakeResponse(
       DownloadProtectionService::kDownloadRequestUrl,
       response.SerializeAsString(),
       true);
 
   download_service_->CheckClientDownload(
       info,
       base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
                  base::Unretained(this)));
   msg_loop_.Run();
-  EXPECT_EQ(DownloadProtectionService::DANGEROUS, result_);
+  ExpectResult(DownloadProtectionService::DANGEROUS);
 }
 
 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadValidateRequest) {
   TestURLFetcherFactory factory;
 
   DownloadProtectionService::DownloadInfo info;
   info.local_file = FilePath(FILE_PATH_LITERAL("bla.tmp"));
   info.target_file = FilePath(FILE_PATH_LITERAL("bla.exe"));
   info.download_url_chain.push_back(GURL("http://www.google.com/"));
   info.download_url_chain.push_back(GURL("http://www.google.com/bla.exe"));
@@ skipping 112 matching lines @@
   // CheckDownloadHash returns immediately which means the hash is not
   // malicious.
   EXPECT_CALL(*sb_service_,
               CheckDownloadHash(info.sha256_hash, NotNull()))
       .WillOnce(Return(true));
   download_service_->CheckClientDownload(
       info,
       base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
                  base::Unretained(this)));
   msg_loop_.Run();
-  EXPECT_EQ(DownloadProtectionService::SAFE, result_);
+  ExpectResult(DownloadProtectionService::SAFE);
   Mock::VerifyAndClearExpectations(sb_service_);
 
   // The hash does not match the bad binary digest list.
   EXPECT_CALL(*sb_service_,
               CheckDownloadHash(info.sha256_hash, NotNull()))
       .WillOnce(DoAll(CheckDownloadHashDone(SafeBrowsingService::SAFE),
                       Return(false)));
   download_service_->CheckClientDownload(
       info,
       base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
                  base::Unretained(this)));
   msg_loop_.Run();
-  EXPECT_EQ(DownloadProtectionService::SAFE, result_);
+  ExpectResult(DownloadProtectionService::SAFE);
   Mock::VerifyAndClearExpectations(sb_service_);
 
   // The hash matches the bad binary URL list but not the bad binary digest
   // list.  This is an artificial example to make sure we really check the
   // result value in the code.
   EXPECT_CALL(*sb_service_,
               CheckDownloadHash(info.sha256_hash, NotNull()))
       .WillOnce(DoAll(
           CheckDownloadHashDone(SafeBrowsingService::BINARY_MALWARE_URL),
           Return(false)));
   download_service_->CheckClientDownload(
       info,
       base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
                  base::Unretained(this)));
   msg_loop_.Run();
-  EXPECT_EQ(DownloadProtectionService::SAFE, result_);
+  ExpectResult(DownloadProtectionService::SAFE);
   Mock::VerifyAndClearExpectations(sb_service_);
 
   // A match is found with the bad binary digest list.  We currently do not
   // warn based on the digest list.  Hence we should always return SAFE.
   EXPECT_CALL(*sb_service_,
               CheckDownloadHash(info.sha256_hash, NotNull()))
       .WillOnce(DoAll(
           CheckDownloadHashDone(SafeBrowsingService::BINARY_MALWARE_HASH),
           Return(false)));
   download_service_->CheckClientDownload(
       info,
       base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
                  base::Unretained(this)));
   msg_loop_.Run();
-  EXPECT_EQ(DownloadProtectionService::SAFE, result_);
+  ExpectResult(DownloadProtectionService::SAFE);
   Mock::VerifyAndClearExpectations(sb_service_);
 
   // If the download is not an executable we do not send a server ping but we
   // still want to lookup the binary digest list.
   info.target_file = FilePath(FILE_PATH_LITERAL("a.pdf"));
   info.download_url_chain[0] = GURL("http://www.evil.com/a.pdf");
   EXPECT_CALL(*sb_service_,
               CheckDownloadHash(info.sha256_hash, NotNull()))
       .WillOnce(DoAll(
           CheckDownloadHashDone(SafeBrowsingService::BINARY_MALWARE_HASH),
           Return(false)));
   download_service_->CheckClientDownload(
       info,
       base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
                  base::Unretained(this)));
   msg_loop_.Run();
-  EXPECT_EQ(DownloadProtectionService::SAFE, result_);
+  ExpectResult(DownloadProtectionService::SAFE);
   Mock::VerifyAndClearExpectations(sb_service_);
 
   // If the URL or the referrer matches the download whitelist we cannot send
   // a server ping for privacy reasons but we still match the digest against
   // the bad binary digest list.
   info.target_file = FilePath(FILE_PATH_LITERAL("a.exe"));
   info.download_url_chain[0] = GURL("http://www.evil.com/a.exe");
   EXPECT_CALL(*sb_service_, MatchDownloadWhitelistUrl(_))
       .WillRepeatedly(Return(true));
   EXPECT_CALL(*signature_util_, CheckSignature(info.local_file, _));
   EXPECT_CALL(*sb_service_,
               CheckDownloadHash(info.sha256_hash, NotNull()))
       .WillOnce(DoAll(
           CheckDownloadHashDone(SafeBrowsingService::BINARY_MALWARE_HASH),
           Return(false)));
   download_service_->CheckClientDownload(
       info,
       base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
                  base::Unretained(this)));
   msg_loop_.Run();
-  EXPECT_EQ(DownloadProtectionService::SAFE, result_);
+  ExpectResult(DownloadProtectionService::SAFE);
   Mock::VerifyAndClearExpectations(sb_service_);
 
   // If the binary is a trusted executable we will not ping the server but
   // we will still lookup the digest list.
   EXPECT_CALL(*sb_service_, MatchDownloadWhitelistUrl(_))
       .WillRepeatedly(Return(false));
   EXPECT_CALL(*signature_util_, CheckSignature(info.local_file, _))
       .WillOnce(TrustSignature());
   EXPECT_CALL(*sb_service_,
               CheckDownloadHash(info.sha256_hash, NotNull()))
       .WillOnce(DoAll(CheckDownloadHashDone(SafeBrowsingService::SAFE),
                       Return(false)));
   download_service_->CheckClientDownload(
       info,
       base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
                  base::Unretained(this)));
   msg_loop_.Run();
-  EXPECT_EQ(DownloadProtectionService::SAFE, result_);
+  ExpectResult(DownloadProtectionService::SAFE);
 }
 
 TEST_F(DownloadProtectionServiceTest, TestCheckDownloadUrl) {
   DownloadProtectionService::DownloadInfo info;
   info.download_url_chain.push_back(GURL("http://www.google.com/"));
   info.download_url_chain.push_back(GURL("http://www.google.com/bla.exe"));
   info.referrer_url = GURL("http://www.google.com/");
 
   // CheckDownloadURL returns immediately which means the client object callback
   // will never be called.  Nevertheless the callback provided to
   // CheckClientDownload must still be called.
   EXPECT_CALL(*sb_service_,
               CheckDownloadUrl(ContainerEq(info.download_url_chain),
                                NotNull()))
       .WillOnce(Return(true));
   download_service_->CheckDownloadUrl(
       info,
       base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
                  base::Unretained(this)));
   msg_loop_.Run();
-  EXPECT_EQ(DownloadProtectionService::SAFE, result_);
+  ExpectResult(DownloadProtectionService::SAFE);
   Mock::VerifyAndClearExpectations(sb_service_);
 
   EXPECT_CALL(*sb_service_,
               CheckDownloadUrl(ContainerEq(info.download_url_chain),
                                NotNull()))
       .WillOnce(DoAll(CheckDownloadUrlDone(SafeBrowsingService::SAFE),
                       Return(false)));
   download_service_->CheckDownloadUrl(
       info,
       base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
                  base::Unretained(this)));
   msg_loop_.Run();
-  EXPECT_EQ(DownloadProtectionService::SAFE, result_);
+  ExpectResult(DownloadProtectionService::SAFE);
   Mock::VerifyAndClearExpectations(sb_service_);
 
   EXPECT_CALL(*sb_service_,
               CheckDownloadUrl(ContainerEq(info.download_url_chain),
                                NotNull()))
       .WillOnce(DoAll(
           CheckDownloadUrlDone(SafeBrowsingService::URL_MALWARE),
           Return(false)));
   download_service_->CheckDownloadUrl(
       info,
       base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
                  base::Unretained(this)));
   msg_loop_.Run();
-  EXPECT_EQ(DownloadProtectionService::SAFE, result_);
+  ExpectResult(DownloadProtectionService::SAFE);
   Mock::VerifyAndClearExpectations(sb_service_);
 
   EXPECT_CALL(*sb_service_,
               CheckDownloadUrl(ContainerEq(info.download_url_chain),
                                NotNull()))
       .WillOnce(DoAll(
           CheckDownloadUrlDone(SafeBrowsingService::BINARY_MALWARE_URL),
           Return(false)));
   download_service_->CheckDownloadUrl(
       info,
       base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
                  base::Unretained(this)));
   msg_loop_.Run();
-  EXPECT_EQ(DownloadProtectionService::DANGEROUS, result_);
+  ExpectResult(DownloadProtectionService::DANGEROUS);
+}
+
+TEST_F(DownloadProtectionServiceTest, TestDownloadRequestTimeout) {
+  TestURLFetcherFactory factory;
+
+  DownloadProtectionService::DownloadInfo info;
+  info.download_url_chain.push_back(GURL("http://www.evil.com/bla.exe"));
+  info.referrer_url = GURL("http://www.google.com/");
+  info.local_file = FilePath(FILE_PATH_LITERAL("a.tmp"));
+  info.target_file = FilePath(FILE_PATH_LITERAL("a.exe"));
+
+  EXPECT_CALL(*sb_service_, MatchDownloadWhitelistUrl(_))
+      .WillRepeatedly(Return(false));
+  EXPECT_CALL(*signature_util_, CheckSignature(info.local_file, _));
+
+  download_service_->download_request_timeout_ms_ = 10;
+  download_service_->CheckClientDownload(
+      info,
+      base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
+                 base::Unretained(this)));
+  // Run the message loop(s) until SendRequest is called.
+  FlushThreadMessageLoops();
+
+  // The request should time out because the HTTP request hasn't returned
+  // anything yet.
+  msg_loop_.Run();
+  ExpectResult(DownloadProtectionService::SAFE);
 }
 }  // namespace safe_browsing