Chromium Code Reviews Chromium Code Reviews
Issue 1262753002:
[SafeBrowsing] Send pings for Zip files that contain other archives. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/common/safe_browsing/download_protection_util.h" | 5 #include "chrome/common/safe_browsing/download_protection_util.h" |
| 6 | 6 |
| 7 #include "base/files/file_path.h" | 7 #include "base/files/file_path.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 | 9 |
| 10 namespace safe_browsing { | 10 namespace safe_browsing { |
| 11 namespace download_protection_util { | 11 namespace download_protection_util { |
| 12 | 12 |
| 13 bool IsArchiveFile(const base::FilePath& file) { | 13 bool IsArchiveFile(const base::FilePath& file) { |
| 14 // TODO(mattm): should .dmg be checked here instead of IsBinaryFile? | 14 // List of interesting archive file formats. These are by no means exhaustive, |
| 15 return file.MatchesExtension(FILE_PATH_LITERAL(".zip")); | 15 // but are currently file types that Safe Browsing would like to see pings for |
| 16 // due to the possibility of them being used as wrapper formats for malicious | |
| 17 // payloads. | |
| 18 const base::FilePath::CharType* kArchiveFileTypes[] = { | |
| 19 FILE_PATH_LITERAL(".zip"), | |
| 20 FILE_PATH_LITERAL(".rar"), | |
| 21 FILE_PATH_LITERAL(".7z"), | |
| 22 FILE_PATH_LITERAL(".cab"), | |
| 23 FILE_PATH_LITERAL(".xz"), | |
| 24 FILE_PATH_LITERAL(".gz"), | |
| 25 FILE_PATH_LITERAL(".tgz"), | |
| 26 FILE_PATH_LITERAL(".bz2"), | |
| 27 FILE_PATH_LITERAL(".tar"), | |
| 28 FILE_PATH_LITERAL(".arj"), | |
| 29 FILE_PATH_LITERAL(".lzh"), | |
| 30 FILE_PATH_LITERAL(".lha"), | |
| 31 FILE_PATH_LITERAL(".wim"), | |
| 32 FILE_PATH_LITERAL(".z"), | |
| 33 FILE_PATH_LITERAL(".lzma"), | |
| 34 FILE_PATH_LITERAL(".cpio"), | |
| 35 }; | |
| 36 for (const auto& extension : kArchiveFileTypes) | |
|
Alexei Svitkine (slow)
2015/07/31 20:49:36
Nit: {}
asanka
2015/07/31 21:13:03
Done.
| |
| 37 if (file.MatchesExtension(extension)) | |
| 38 return true; | |
| 39 // TODO(mattm): should .dmg be checked here instead of IsSupportedBinaryFile? | |
| 40 return false; | |
| 16 } | 41 } |
| 17 | 42 |
| 18 bool IsBinaryFile(const base::FilePath& file) { | 43 bool IsSupportedBinaryFile(const base::FilePath& file) { |
| 19 const base::FilePath::CharType* kSupportedBinaryFileTypes[] = { | 44 const base::FilePath::CharType* kSupportedBinaryFileTypes[] = { |
| 20 // Executable extensions for MS Windows. | 45 // Executable extensions for MS Windows. |
| 21 FILE_PATH_LITERAL(".cab"), | |
| 22 FILE_PATH_LITERAL(".cmd"), | 46 FILE_PATH_LITERAL(".cmd"), |
| 23 FILE_PATH_LITERAL(".com"), | 47 FILE_PATH_LITERAL(".com"), |
| 24 FILE_PATH_LITERAL(".dll"), | 48 FILE_PATH_LITERAL(".dll"), |
| 25 FILE_PATH_LITERAL(".exe"), | 49 FILE_PATH_LITERAL(".exe"), |
| 26 FILE_PATH_LITERAL(".msc"), | 50 FILE_PATH_LITERAL(".msc"), |
| 27 FILE_PATH_LITERAL(".msi"), | 51 FILE_PATH_LITERAL(".msi"), |
| 28 FILE_PATH_LITERAL(".msp"), | 52 FILE_PATH_LITERAL(".msp"), |
| 29 FILE_PATH_LITERAL(".mst"), | 53 FILE_PATH_LITERAL(".mst"), |
| 30 FILE_PATH_LITERAL(".pif"), | 54 FILE_PATH_LITERAL(".pif"), |
| 31 FILE_PATH_LITERAL(".scr"), | 55 FILE_PATH_LITERAL(".scr"), |
| (...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 65 // Mac extensions. | 89 // Mac extensions. |
| 66 FILE_PATH_LITERAL(".app"), | 90 FILE_PATH_LITERAL(".app"), |
| 67 FILE_PATH_LITERAL(".dmg"), | 91 FILE_PATH_LITERAL(".dmg"), |
| 68 FILE_PATH_LITERAL(".osx"), | 92 FILE_PATH_LITERAL(".osx"), |
| 69 FILE_PATH_LITERAL(".pkg"), | 93 FILE_PATH_LITERAL(".pkg"), |
| 70 }; | 94 }; |
| 71 for (const auto& extension : kSupportedBinaryFileTypes) | 95 for (const auto& extension : kSupportedBinaryFileTypes) |
| 72 if (file.MatchesExtension(extension)) | 96 if (file.MatchesExtension(extension)) |
| 73 return true; | 97 return true; |
| 74 | 98 |
| 75 // Archives _may_ contain binaries, we'll check in ExtractFileFeatures. | 99 // .zip files are examined for any executables or other archives they may |
| 76 return IsArchiveFile(file); | 100 // contain. Currently no other archive formats are supported. |
| 101 return file.MatchesExtension(FILE_PATH_LITERAL(".zip")); | |
| 77 } | 102 } |
| 78 | 103 |
| 79 ClientDownloadRequest::DownloadType GetDownloadType( | 104 ClientDownloadRequest::DownloadType GetDownloadType( |
| 80 const base::FilePath& file) { | 105 const base::FilePath& file) { |
| 81 DCHECK(IsBinaryFile(file)); | 106 DCHECK(IsSupportedBinaryFile(file)); |
| 82 if (file.MatchesExtension(FILE_PATH_LITERAL(".apk"))) | 107 if (file.MatchesExtension(FILE_PATH_LITERAL(".apk"))) |
| 83 return ClientDownloadRequest::ANDROID_APK; | 108 return ClientDownloadRequest::ANDROID_APK; |
| 84 else if (file.MatchesExtension(FILE_PATH_LITERAL(".crx"))) | 109 else if (file.MatchesExtension(FILE_PATH_LITERAL(".crx"))) |
| 85 return ClientDownloadRequest::CHROME_EXTENSION; | 110 return ClientDownloadRequest::CHROME_EXTENSION; |
| 86 // For zip files, we use the ZIPPED_EXECUTABLE type since we will only send | |
| 87 // the pingback if we find an executable inside the zip archive. | |
| 88 else if (file.MatchesExtension(FILE_PATH_LITERAL(".zip"))) | 111 else if (file.MatchesExtension(FILE_PATH_LITERAL(".zip"))) |
| 112 // DownloadProtectionService doesn't send a ClientDownloadRequest for ZIP | |
| 113 // files unless they contain either executables or archives. The resulting | |
| 114 // DownloadType is either ZIPPED_EXECUTABLE or ZIPPED_ARCHIVE respectively. | |
| 115 // This function will return ZIPPED_EXECUTABLE for ZIP files as a | |
| 116 // placeholder. The correct DownloadType will be determined based on the | |
| 117 // result of analyzing the ZIP file. | |
| 89 return ClientDownloadRequest::ZIPPED_EXECUTABLE; | 118 return ClientDownloadRequest::ZIPPED_EXECUTABLE; |
| 90 else if (file.MatchesExtension(FILE_PATH_LITERAL(".dmg")) || | 119 else if (file.MatchesExtension(FILE_PATH_LITERAL(".dmg")) || |
| 91 file.MatchesExtension(FILE_PATH_LITERAL(".pkg")) || | 120 file.MatchesExtension(FILE_PATH_LITERAL(".pkg")) || |
| 92 file.MatchesExtension(FILE_PATH_LITERAL(".osx")) || | 121 file.MatchesExtension(FILE_PATH_LITERAL(".osx")) || |
| 93 file.MatchesExtension(FILE_PATH_LITERAL(".app"))) | 122 file.MatchesExtension(FILE_PATH_LITERAL(".app"))) |
| 94 return ClientDownloadRequest::MAC_EXECUTABLE; | 123 return ClientDownloadRequest::MAC_EXECUTABLE; |
| 95 return ClientDownloadRequest::WIN_EXECUTABLE; | 124 return ClientDownloadRequest::WIN_EXECUTABLE; |
| 96 } | 125 } |
| 97 | 126 |
| 98 } // namespace download_protection_util | 127 } // namespace download_protection_util |
| 99 } // namespace safe_browsing | 128 } // namespace safe_browsing |
| OLD | NEW |
