[SafeBrowsing] Alternate extensions should also be subject to block list.

chrome/browser/safe_browsing/unverified_download_policy.cc

Index: chrome/browser/safe_browsing/unverified_download_policy.cc
diff --git a/chrome/browser/safe_browsing/unverified_download_policy.cc b/chrome/browser/safe_browsing/unverified_download_policy.cc
index f13752b67ecca8ad92833840015ff697258246a0..87b84eb9cdabf3440a590811a229d2bca4603211 100644
--- a/chrome/browser/safe_browsing/unverified_download_policy.cc
+++ b/chrome/browser/safe_browsing/unverified_download_policy.cc
@@ -7,6 +7,7 @@
 #include "base/bind.h"
 #include "base/callback.h"
 #include "base/files/file_path.h"
+#include "base/metrics/histogram_macros.h"
 #include "base/metrics/sparse_histogram.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/safe_browsing/safe_browsing_service.h"
@@ -60,23 +61,38 @@ void RespondWithPolicy(
                        uma_file_type, requestor);
   }
   BrowserThread::PostTask(BrowserThread::UI, FROM_HERE,
-                                   base::Bind(callback, policy));
+                          base::Bind(callback, policy));
 }
 
 void CheckFieldTrialOnAnyThread(
     const base::FilePath& file,
+    const std::vector<base::FilePath::StringType>& alternate_extensions,
     const GURL& requestor,
     const UnverifiedDownloadCheckCompletionCallback& callback) {
-  bool is_allowed = IsUnverifiedDownloadAllowedByFieldTrial(file);
-  RespondWithPolicy(file, callback, requestor, is_allowed
-                                        ? UnverifiedDownloadPolicy::ALLOWED
-                                        : UnverifiedDownloadPolicy::DISALLOWED);
+  if (!IsUnverifiedDownloadAllowedByFieldTrial(file)) {
+    RespondWithPolicy(file, callback, requestor,
+                      UnverifiedDownloadPolicy::DISALLOWED);
+    return;
+  }
+
+  for (const auto& extension : alternate_extensions) {
+    base::FilePath alternate_filename = file.AddExtension(extension);
+    if (!IsUnverifiedDownloadAllowedByFieldTrial(alternate_filename)) {
+      RespondWithPolicy(alternate_filename, callback, requestor,
+                        UnverifiedDownloadPolicy::DISALLOWED);
+      return;
+    }
+  }
+
+  RespondWithPolicy(file, callback, requestor,
+                    UnverifiedDownloadPolicy::ALLOWED);
 }
 
 void CheckWhitelistOnIOThread(
     scoped_refptr<SafeBrowsingService> service,
     const GURL& requestor,
     const base::FilePath& file,
+    const std::vector<base::FilePath::StringType>& alternate_extensions,
     const UnverifiedDownloadCheckCompletionCallback& callback) {
   DCHECK_CURRENTLY_ON(BrowserThread::IO);
   int uma_file_type =
@@ -104,7 +120,7 @@ void CheckWhitelistOnIOThread(
     return;
   }
 
-  CheckFieldTrialOnAnyThread(file, requestor, callback);
+  CheckFieldTrialOnAnyThread(file, alternate_extensions, requestor, callback);
 }
 
 }  // namespace
@@ -112,18 +128,22 @@ void CheckWhitelistOnIOThread(
 void CheckUnverifiedDownloadPolicy(
     const GURL& requestor,
     const base::FilePath& file,
+    const std::vector<base::FilePath::StringType>& alternate_extensions,
     const UnverifiedDownloadCheckCompletionCallback& callback) {
+  UMA_HISTOGRAM_CUSTOM_COUNTS(
+      "SafeBrowsing.UnverifiedDownloads.AlternateExtensionCount",
+      alternate_extensions.size() + 1, 1, 31, 32);

[Nathan Parker, 2016/01/21 21:47:43]

Thanks.
I'm curious: Why +1?  Why not 0-32?

[asanka, 2016/01/21 22:08:47]

0 is the underflow bucket. If the minimum is 0, it's silently rounded up to 1.

I've decided to go with a smaller range with fewer bucket and with a linear
bucket distribution.

[Steven Holte, 2016/01/22 23:50:49]

You don't need the +1.  This histogram will get a 0-1 bucket, and 0 will record
into correctly.  The fact that it's the "underflow" bucket for this histogram
won't cause issues.

[asanka, 2016/01/23 04:42:59]

Ah. Got it.

I actually switched to a sparse histogram since having a vector of buckets isn't
really necessary given how infrequent these downloads are, and also because
we'll only be recording this once per PPAPI initiated download.

   if (requestor.is_valid()) {
     scoped_refptr<SafeBrowsingService> service =
         g_browser_process->safe_browsing_service();
     BrowserThread::PostTask(
         BrowserThread::IO, FROM_HERE,
         base::Bind(&CheckWhitelistOnIOThread, service, requestor, file,
-                   callback));
+                   alternate_extensions, callback));
     return;
   }
 
-  CheckFieldTrialOnAnyThread(file, GURL(), callback);
+  CheckFieldTrialOnAnyThread(file, alternate_extensions, GURL(), callback);
 }
 
 }  // namespace safe_browsing