Be more lenient about inspecting/pinging on invalid downloaded .zip's

chrome/browser/safe_browsing/download_protection_service_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/safe_browsing/download_protection_service.h"
 
 #include <stdint.h>
 #include <map>
 #include <string>
 
 #include "base/base_paths.h"
 #include "base/bind.h"
 #include "base/callback.h"
 #include "base/command_line.h"
 #include "base/files/file_path.h"
 #include "base/files/file_util.h"
 #include "base/files/scoped_temp_dir.h"
 #include "base/memory/ref_counted.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/message_loop/message_loop.h"
 #include "base/path_service.h"
+#include "base/prefs/pref_service.h"
 #include "base/run_loop.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/threading/sequenced_worker_pool.h"
 #include "chrome/browser/history/history_service_factory.h"
 #include "chrome/browser/safe_browsing/database_manager.h"
 #include "chrome/browser/safe_browsing/download_feedback_service.h"
 #include "chrome/browser/safe_browsing/incident_reporting/incident_reporting_service.h"
 #include "chrome/browser/safe_browsing/local_database_manager.h"
 #include "chrome/browser/safe_browsing/safe_browsing_service.h"
 #include "chrome/browser/safe_browsing/test_database_manager.h"
 #include "chrome/common/chrome_switches.h"
+#include "chrome/common/pref_names.h"
 #include "chrome/common/safe_browsing/binary_feature_extractor.h"
 #include "chrome/common/safe_browsing/csd.pb.h"
 #include "chrome/test/base/testing_profile.h"
 #include "components/history/core/browser/history_service.h"
 #include "content/public/browser/download_danger_type.h"
 #include "content/public/browser/page_navigator.h"
 #include "content/public/test/mock_download_item.h"
 #include "content/public/test/test_browser_thread_bundle.h"
 #include "content/public/test/test_utils.h"
 #include "net/base/url_util.h"
@@ skipping 193 matching lines @@
     has_result_ = false;
 
     base::FilePath source_path;
     ASSERT_TRUE(PathService::Get(base::DIR_SOURCE_ROOT, &source_path));
     testdata_path_ = source_path
         .AppendASCII("chrome")
         .AppendASCII("test")
         .AppendASCII("data")
         .AppendASCII("safe_browsing")
         .AppendASCII("download_protection");
+
+    // Setup a profile
+    ASSERT_TRUE(profile_dir_.CreateUniqueTempDir());
+    profile_.reset(new TestingProfile(profile_dir_.path()));
+    ASSERT_TRUE(profile_->CreateHistoryService(true /* delete_file */,
+                                               false /* no_db */));
   }
 
   void TearDown() override {
     client_download_request_subscription_.reset();
     sb_service_->ShutDown();
     // Flush all of the thread message loops to ensure that there are no
     // tasks currently running.
     FlushThreadMessageLoops();
     sb_service_ = NULL;
   }
@@ skipping 139 matching lines @@
   testing::AssertionResult IsResult(
       DownloadProtectionService::DownloadCheckResult expected) {
     if (!has_result_)
       return testing::AssertionFailure() << "No result";
     has_result_ = false;
     return result_ == expected ?
         testing::AssertionSuccess() :
         testing::AssertionFailure() << "Expected " << expected <<
                                        ", got " << result_;
   }
+  // Check scenarios where we should/shouldn't send a report for
+  // a corrupted zip.
+  void CheckClientDownloadReportCorruptZip(bool is_extended_reporting,
+                                           bool is_incognito);
+
 
  protected:
   scoped_refptr<FakeSafeBrowsingService> sb_service_;
   scoped_refptr<MockBinaryFeatureExtractor> binary_feature_extractor_;
   DownloadProtectionService* download_service_;
   DownloadProtectionService::DownloadCheckResult result_;
   bool has_result_;
   content::TestBrowserThreadBundle test_browser_thread_bundle_;
   content::InProcessUtilityThreadHelper in_process_utility_thread_helper_;
   base::FilePath testdata_path_;
   DownloadProtectionService::ClientDownloadRequestSubscription
       client_download_request_subscription_;
   scoped_ptr<ClientDownloadRequest> last_client_download_request_;
+  base::ScopedTempDir profile_dir_;
+  scoped_ptr<TestingProfile> profile_;
 };
 
+
+void DownloadProtectionServiceTest::CheckClientDownloadReportCorruptZip(
+    bool is_extended_reporting,
+    bool is_incognito) {
+  ClientDownloadResponse response;
+  response.set_verdict(ClientDownloadResponse::SAFE);
+  net::FakeURLFetcherFactory factory(NULL);
+  // Empty response means SAFE.
+  factory.SetFakeResponse(
+      DownloadProtectionService::GetDownloadRequestUrl(),
+      response.SerializeAsString(),
+      net::HTTP_OK, net::URLRequestStatus::SUCCESS);
+
+  base::ScopedTempDir download_dir;
+  ASSERT_TRUE(download_dir.CreateUniqueTempDir());
+
+  base::FilePath a_tmp(download_dir.path().Append(FILE_PATH_LITERAL("a.tmp")));
+  base::FilePath a_zip(FILE_PATH_LITERAL("a.zip"));
+  std::vector<GURL> url_chain;
+  url_chain.push_back(GURL("http://www.evil.com/a.zip"));
+  GURL referrer("http://www.google.com/");
+  std::string hash = "hash";
+  profile_->GetPrefs()->SetBoolean(prefs::kSafeBrowsingExtendedReportingEnabled,
+                                   is_extended_reporting);
+
+  content::MockDownloadItem item;
+  EXPECT_CALL(item, GetFullPath()).WillRepeatedly(ReturnRef(a_tmp));
+  EXPECT_CALL(item, GetTargetFilePath()).WillRepeatedly(ReturnRef(a_zip));
+  EXPECT_CALL(item, GetUrlChain()).WillRepeatedly(ReturnRef(url_chain));
+  EXPECT_CALL(item, GetReferrerUrl()).WillRepeatedly(ReturnRef(referrer));
+  EXPECT_CALL(item, GetTabUrl()).WillRepeatedly(ReturnRef(GURL::EmptyGURL()));
+  EXPECT_CALL(item, GetTabReferrerUrl())
+      .WillRepeatedly(ReturnRef(GURL::EmptyGURL()));
+  EXPECT_CALL(item, GetHash()).WillRepeatedly(ReturnRef(hash));
+  EXPECT_CALL(item, GetReceivedBytes()).WillRepeatedly(Return(100));
+  EXPECT_CALL(item, HasUserGesture()).WillRepeatedly(Return(true));
+  EXPECT_CALL(item, GetRemoteAddress()).WillRepeatedly(Return(""));
+
+  if (is_incognito) {
+    EXPECT_CALL(item, GetBrowserContext())
+        .WillRepeatedly(Return(profile_->GetOffTheRecordProfile()));
+  } else {
+    EXPECT_CALL(item, GetBrowserContext())
+        .WillRepeatedly(Return(profile_.get()));
+  }
+
+  std::string file_contents = "corrupt zip file";
+  ASSERT_EQ(static_cast<int>(file_contents.size()), base::WriteFile(
+      a_tmp, file_contents.data(), file_contents.size()));
+
+  download_service_->CheckClientDownload(
+      &item,
+      base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
+                 base::Unretained(this)));
+  MessageLoop::current()->Run();
+
+#if defined(OS_WIN) || defined(OS_MACOSX) || defined(OS_CHROMEOS)
+  const bool expect_request = is_extended_reporting && !is_incognito;
+#else
+  // For !(OS_WIN || OS_MACOSX || OS_CHROMEOS),
+  // no file types are currently supported.
+  const bool expect_request = false;
+#endif
+
+  if (expect_request) {
+    ASSERT_TRUE(HasClientDownloadRequest());
+    EXPECT_EQ(0, GetClientDownloadRequest()->archived_binary_size());
+    EXPECT_TRUE(GetClientDownloadRequest()->has_download_type());
+    EXPECT_EQ(ClientDownloadRequest_DownloadType_INVALID_ZIP,
+              GetClientDownloadRequest()->download_type());
+    ClearClientDownloadRequest();
+  } else {
+    EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN));
+    EXPECT_FALSE(HasClientDownloadRequest());
+  }
+
+  Mock::VerifyAndClearExpectations(sb_service_.get());
+  Mock::VerifyAndClearExpectations(binary_feature_extractor_.get());
+}
+
+
 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadInvalidUrl) {
   base::FilePath a_tmp(FILE_PATH_LITERAL("a.tmp"));
   base::FilePath a_exe(FILE_PATH_LITERAL("a.exe"));
   std::vector<GURL> url_chain;
   GURL referrer("http://www.google.com/");
   std::string hash = "hash";
 
   content::MockDownloadItem item;
   EXPECT_CALL(item, GetFullPath()).WillRepeatedly(ReturnRef(a_tmp));
   EXPECT_CALL(item, GetTargetFilePath()).WillRepeatedly(ReturnRef(a_exe));
@@ skipping 746 matching lines @@
 #else
   // For !(OS_WIN || OS_MACOSX || OS_CHROMEOS),
   // no file types are currently supported. Hence
   // the resulting verdict is UNKNOWN.
   EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN));
   EXPECT_FALSE(HasClientDownloadRequest());
 #endif
   Mock::VerifyAndClearExpectations(binary_feature_extractor_.get());
 }
 
-TEST_F(DownloadProtectionServiceTest, CheckClientDownloadCorruptZip) {
-  base::ScopedTempDir download_dir;
-  ASSERT_TRUE(download_dir.CreateUniqueTempDir());
+TEST_F(DownloadProtectionServiceTest,
+       CheckClientDownloadReportCorruptZipNormal) {
+  // !is_extended_reporting && !is_incognito
+  CheckClientDownloadReportCorruptZip(false, false);
+}
 
-  base::FilePath a_tmp(download_dir.path().Append(FILE_PATH_LITERAL("a.tmp")));
-  base::FilePath a_zip(FILE_PATH_LITERAL("a.zip"));
-  std::vector<GURL> url_chain;
-  url_chain.push_back(GURL("http://www.evil.com/a.zip"));
-  GURL referrer("http://www.google.com/");
-  std::string hash = "hash";
+TEST_F(DownloadProtectionServiceTest,
+       CheckClientDownloadReportCorruptZipExtended) {
+  // !is_extended_reporting && !is_incognito
+  CheckClientDownloadReportCorruptZip(true, false);
+}
 
-  content::MockDownloadItem item;
-  EXPECT_CALL(item, GetFullPath()).WillRepeatedly(ReturnRef(a_tmp));
-  EXPECT_CALL(item, GetTargetFilePath()).WillRepeatedly(ReturnRef(a_zip));
-  EXPECT_CALL(item, GetUrlChain()).WillRepeatedly(ReturnRef(url_chain));
-  EXPECT_CALL(item, GetReferrerUrl()).WillRepeatedly(ReturnRef(referrer));
-  EXPECT_CALL(item, GetTabUrl()).WillRepeatedly(ReturnRef(GURL::EmptyGURL()));
-  EXPECT_CALL(item, GetTabReferrerUrl())
-      .WillRepeatedly(ReturnRef(GURL::EmptyGURL()));
-  EXPECT_CALL(item, GetHash()).WillRepeatedly(ReturnRef(hash));
-  EXPECT_CALL(item, GetReceivedBytes()).WillRepeatedly(Return(100));
-  EXPECT_CALL(item, HasUserGesture()).WillRepeatedly(Return(true));
-  EXPECT_CALL(item, GetRemoteAddress()).WillRepeatedly(Return(""));
-
-  std::string file_contents = "corrupt zip file";
-  ASSERT_EQ(static_cast<int>(file_contents.size()), base::WriteFile(
-      a_tmp, file_contents.data(), file_contents.size()));
-
-  download_service_->CheckClientDownload(
-      &item,
-      base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
-                 base::Unretained(this)));
-  MessageLoop::current()->Run();
-  EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN));
-  EXPECT_FALSE(HasClientDownloadRequest());
-  Mock::VerifyAndClearExpectations(sb_service_.get());
-  Mock::VerifyAndClearExpectations(binary_feature_extractor_.get());
+TEST_F(DownloadProtectionServiceTest,
+       CheckClientDownloadReportCorruptZipIncognito) {
+  // is_extended_reporting && is_incognito
+  CheckClientDownloadReportCorruptZip(true, true);
 }
 
 TEST_F(DownloadProtectionServiceTest, CheckClientCrxDownloadSuccess) {
   ClientDownloadResponse response;
   // Even if the server verdict is dangerous we should return SAFE because
   // DownloadProtectionService::IsSupportedDownload() will return false
   // for crx downloads.
   response.set_verdict(ClientDownloadResponse::DANGEROUS);
   net::FakeURLFetcherFactory factory(NULL);
   // Empty response means SAFE.
@@ skipping 208 matching lines @@
                  base::Unretained(this), fetcher));
   MessageLoop::current()->Run();
 #endif
 }
 
 // Similar to above, but with tab history.
 TEST_F(DownloadProtectionServiceTest,
        CheckClientDownloadValidateRequestTabHistory) {
   net::TestURLFetcherFactory factory;
 
-  base::ScopedTempDir profile_dir;
-  ASSERT_TRUE(profile_dir.CreateUniqueTempDir());
-  TestingProfile profile(profile_dir.path());
-  ASSERT_TRUE(
-      profile.CreateHistoryService(true /* delete_file */, false /* no_db */));
-
   base::FilePath tmp_path(FILE_PATH_LITERAL("bla.tmp"));
   base::FilePath final_path(FILE_PATH_LITERAL("bla.exe"));
   std::vector<GURL> url_chain;
   url_chain.push_back(GURL("http://www.google.com/"));
   url_chain.push_back(GURL("http://www.google.com/bla.exe"));
   GURL referrer("http://www.google.com/");
   GURL tab_url("http://tab.com/final");
   GURL tab_referrer("http://tab.com/referrer");
   std::string hash = "hash";
   std::string remote_address = "10.11.12.13";
 
   content::MockDownloadItem item;
   EXPECT_CALL(item, GetFullPath()).WillRepeatedly(ReturnRef(tmp_path));
   EXPECT_CALL(item, GetTargetFilePath()).WillRepeatedly(ReturnRef(final_path));
   EXPECT_CALL(item, GetUrlChain()).WillRepeatedly(ReturnRef(url_chain));
   EXPECT_CALL(item, GetReferrerUrl()).WillRepeatedly(ReturnRef(referrer));
   EXPECT_CALL(item, GetTabUrl()).WillRepeatedly(ReturnRef(tab_url));
   EXPECT_CALL(item, GetTabReferrerUrl())
       .WillRepeatedly(ReturnRef(tab_referrer));
   EXPECT_CALL(item, GetHash()).WillRepeatedly(ReturnRef(hash));
   EXPECT_CALL(item, GetReceivedBytes()).WillRepeatedly(Return(100));
   EXPECT_CALL(item, HasUserGesture()).WillRepeatedly(Return(true));
   EXPECT_CALL(item, GetRemoteAddress()).WillRepeatedly(Return(remote_address));
-  EXPECT_CALL(item, GetBrowserContext()).WillRepeatedly(Return(&profile));
+  EXPECT_CALL(item, GetBrowserContext()).WillRepeatedly(Return(profile_.get()));
   EXPECT_CALL(*sb_service_->mock_database_manager(),
               MatchDownloadWhitelistUrl(_))
       .WillRepeatedly(Return(false));
   EXPECT_CALL(*binary_feature_extractor_.get(), CheckSignature(tmp_path, _))
       .WillRepeatedly(SetCertificateContents("dummy cert data"));
   EXPECT_CALL(
       *binary_feature_extractor_.get(),
       ExtractImageFeatures(tmp_path, BinaryFeatureExtractor::kDefaultOptions,
                            _, _))
       .WillRepeatedly(SetDosHeaderContents("dummy dos header"));
@@ skipping 61 matching lines @@
     MessageLoop::current()->Run();
 #endif
   }
 
   // Now try with a history match.
   {
     history::RedirectList redirects;
     redirects.push_back(GURL("http://tab.com/ref1"));
     redirects.push_back(GURL("http://tab.com/ref2"));
     redirects.push_back(tab_url);
-    HistoryServiceFactory::GetForProfile(&profile,
+    HistoryServiceFactory::GetForProfile(profile_.get(),
                                          ServiceAccessType::EXPLICIT_ACCESS)
         ->AddPage(tab_url,
                   base::Time::Now(),
                   reinterpret_cast<history::ContextID>(1),
                   0,
                   GURL(),
                   redirects,
                   ui::PAGE_TRANSITION_TYPED,
                   history::SOURCE_BROWSED,
                   false);
@@ skipping 455 matching lines @@
   EXPECT_TRUE(IsResult(DownloadProtectionService::DANGEROUS));
 #else
   // On !(OS_WIN || OS_MACOSX || OS_CHROMEOS),
   // no file types are currently supported. Hence all
   // requests to CheckClientDownload() result in a verdict of UNKNOWN.
   EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN));
 #endif
 }
 
 }  // namespace safe_browsing