Chromium Code Reviews Chromium Code Reviews
Issue 1673733002:
Support new Safe Browsing list "goog-badresource-shavar" in SafeBrowsingDatabase. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: chrome/browser/safe_browsing/local_database_manager.cc |
| diff --git a/chrome/browser/safe_browsing/local_database_manager.cc b/chrome/browser/safe_browsing/local_database_manager.cc |
| index 19e52ca72ff171f624cafd0184990a556e785391..dd7cbd9baf939a822fd50c6bda1aa644ae582682 100644 |
| --- a/chrome/browser/safe_browsing/local_database_manager.cc |
| +++ b/chrome/browser/safe_browsing/local_database_manager.cc |
| @@ -106,6 +106,14 @@ ListType GetHashSeverestThreatListType( |
| if (index) |
| *index = i; |
| break; |
| + case RESOURCEBLACKLIST: |
| + // RESOURCEBLACKLIST is even less severe than UNWANTEDURL. |
| + if (pending_threat == INVALID) { |
| + pending_threat = threat; |
| + if (index) |
| + *index = i; |
| + } |
| + break; |
| } |
| } |
| } |
| @@ -147,6 +155,12 @@ ListType GetUrlSeverestThreatListType( |
| // looking. |
| pending_threat = threat; |
| break; |
| + case RESOURCEBLACKLIST: |
| + // RESOURCEBLACKLIST is even less severe than UNWANTEDURL. |
| + if (pending_threat == INVALID) { |
| + pending_threat = threat; |
| + } |
| + break; |
| } |
| } |
| return pending_threat; |
| @@ -164,6 +178,8 @@ SBThreatType GetThreatTypeFromListType(ListType list_type) { |
| return SB_THREAT_TYPE_BINARY_MALWARE_URL; |
| case EXTENSIONBLACKLIST: |
| return SB_THREAT_TYPE_EXTENSION; |
| + case RESOURCEBLACKLIST: |
| + return SB_THREAT_TYPE_BLACKLISTED_RESOURCE; |
| default: |
| DVLOG(1) << "Unknown safe browsing list id " << list_type; |
| return SB_THREAT_TYPE_SAFE; |
| @@ -198,6 +214,7 @@ LocalSafeBrowsingDatabaseManager::SafeBrowsingCheck::SafeBrowsingCheck( |
| : urls(urls), |
| url_results(urls.size(), SB_THREAT_TYPE_SAFE), |
| url_metadata(urls.size()), |
| + url_hit_hash(urls.size()), |
| full_hashes(full_hashes), |
| full_hash_results(full_hashes.size(), SB_THREAT_TYPE_SAFE), |
| client(client), |
| @@ -233,6 +250,11 @@ void LocalSafeBrowsingDatabaseManager::SafeBrowsingCheck:: |
| client->OnCheckDownloadUrlResult( |
| urls, *std::max_element(url_results.begin(), url_results.end())); |
| break; |
| + case RESOURCEBLACKLIST: |
| + DCHECK_EQ(1u, urls.size()); |
| + client->OnCheckResourceUrlResult(urls[0], url_results[0], |
| + url_hit_hash[0]); |
| + break; |
| default: |
| NOTREACHED(); |
| } |
| @@ -268,6 +290,7 @@ LocalSafeBrowsingDatabaseManager::LocalSafeBrowsingDatabaseManager( |
| enable_extension_blacklist_(false), |
| enable_ip_blacklist_(false), |
| enable_unwanted_software_blacklist_(true), |
| + enable_resource_blacklist_(true), |
| update_in_progress_(false), |
| database_update_in_progress_(false), |
| closing_database_(false), |
| @@ -386,6 +409,26 @@ bool LocalSafeBrowsingDatabaseManager::CheckExtensionIDs( |
| return false; |
| } |
| +bool LocalSafeBrowsingDatabaseManager::CheckResourceUrl( |
| + const GURL& url, Client* client) { |
| + DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| + |
| + if (!enabled_ || !enable_resource_blacklist_ || !CanCheckUrl(url)) |
| + return true; |
|
Nathan Parker
2016/02/16 21:42:00
Do you need to check that the DB is available, lik
veranika
2016/02/17 15:37:54
Done.
|
| + |
| + SafeBrowsingCheck* check = |
| + new SafeBrowsingCheck({url}, std::vector<SBFullHash>(), client, |
| + RESOURCEBLACKLIST, |
| + {SB_THREAT_TYPE_BLACKLISTED_RESOURCE}); |
| + std::vector<SBPrefix> prefixes; |
| + SafeBrowsingDatabase::GetDownloadUrlPrefixes(check->urls, &prefixes); |
| + StartSafeBrowsingCheck( |
| + check, |
| + base::Bind(&LocalSafeBrowsingDatabaseManager::CheckResourceUrlOnSBThread, |
| + this, prefixes)); |
| + return false; |
| +} |
| + |
| bool LocalSafeBrowsingDatabaseManager::MatchMalwareIP( |
| const std::string& ip_address) { |
| DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| @@ -780,7 +823,8 @@ SafeBrowsingDatabase* LocalSafeBrowsingDatabaseManager::GetDatabase() { |
| safe_browsing_task_runner_, enable_download_protection_, |
| enable_csd_whitelist_, enable_download_whitelist_, |
| enable_extension_blacklist_, enable_ip_blacklist_, |
| - enable_unwanted_software_blacklist_); |
| + enable_unwanted_software_blacklist_, |
| + enable_resource_blacklist_); |
| database->Init(SafeBrowsingService::GetBaseFilename()); |
| { |
| @@ -1098,6 +1142,9 @@ bool LocalSafeBrowsingDatabaseManager::HandleOneCheck( |
| if (threat != SB_THREAT_TYPE_SAFE) { |
| check->url_results[i] = threat; |
| check->url_metadata[i] = expected_full_hashes[threat_index].metadata; |
| + const SBFullHash& hash = expected_full_hashes[threat_index].hash; |
| + check->url_hit_hash[i] = std::string(hash.full_hash, |
| + arraysize(hash.full_hash)); |
| is_threat = true; |
| } |
| } |
| @@ -1155,6 +1202,18 @@ LocalSafeBrowsingDatabaseManager::CheckExtensionIDsOnSBThread( |
| return prefix_hits; |
| } |
| +std::vector<SBPrefix> |
| +LocalSafeBrowsingDatabaseManager::CheckResourceUrlOnSBThread( |
| + const std::vector<SBPrefix>& prefixes) { |
| + DCHECK(safe_browsing_task_runner_->RunsTasksOnCurrentThread()); |
| + |
| + std::vector<SBPrefix> prefix_hits; |
| + const bool result = |
| + database_->ContainsResourceUrlPrefixes(prefixes, &prefix_hits); |
| + DCHECK_EQ(result, !prefix_hits.empty()); |
| + return prefix_hits; |
| +} |
| + |
| void LocalSafeBrowsingDatabaseManager::TimeoutCallback( |
| SafeBrowsingCheck* check) { |
| DCHECK_CURRENTLY_ON(BrowserThread::IO); |
