OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/safe_browsing/incident_reporting/blacklist_load_analyze
r.h" | 5 #include "chrome/browser/safe_browsing/incident_reporting/blacklist_load_analyze
r.h" |
6 | 6 |
7 #include <utility> | 7 #include <utility> |
8 | 8 |
9 #include "base/file_version_info.h" | 9 #include "base/file_version_info.h" |
10 #include "base/files/file_path.h" | 10 #include "base/files/file_path.h" |
11 #include "base/logging.h" | 11 #include "base/logging.h" |
12 #include "base/metrics/histogram.h" | 12 #include "base/metrics/histogram.h" |
13 #include "base/strings/string_number_conversions.h" | 13 #include "base/strings/string_number_conversions.h" |
14 #include "base/strings/string_util.h" | 14 #include "base/strings/string_util.h" |
15 #include "base/strings/utf_string_conversions.h" | 15 #include "base/strings/utf_string_conversions.h" |
16 #include "chrome/browser/install_verification/win/module_info.h" | 16 #include "chrome/browser/install_verification/win/module_info.h" |
17 #include "chrome/browser/install_verification/win/module_verification_common.h" | 17 #include "chrome/browser/install_verification/win/module_verification_common.h" |
18 #include "chrome/browser/safe_browsing/incident_reporting/blacklist_load_inciden
t.h" | 18 #include "chrome/browser/safe_browsing/incident_reporting/blacklist_load_inciden
t.h" |
19 #include "chrome/browser/safe_browsing/incident_reporting/incident_receiver.h" | 19 #include "chrome/browser/safe_browsing/incident_reporting/incident_receiver.h" |
20 #include "chrome/browser/safe_browsing/path_sanitizer.h" | 20 #include "chrome/browser/safe_browsing/path_sanitizer.h" |
21 #include "chrome/browser/safe_browsing/safe_browsing_service.h" | 21 #include "chrome/browser/safe_browsing/safe_browsing_service.h" |
22 #include "chrome/common/safe_browsing/binary_feature_extractor.h" | 22 #include "chrome/common/safe_browsing/binary_feature_extractor.h" |
23 #include "chrome/common/safe_browsing/csd.pb.h" | 23 #include "chrome/common/safe_browsing/csd.pb.h" |
24 #include "chrome_elf/blacklist/blacklist.h" | |
25 | 24 |
26 namespace safe_browsing { | 25 namespace safe_browsing { |
27 | 26 |
28 // Retrieves the set of blacklisted modules that are loaded in the process. | 27 // Retrieves the set of blacklisted modules that are loaded in the process. |
29 // Returns true if successful, false otherwise. | 28 // Returns true if successful, false otherwise. |
30 bool GetLoadedBlacklistedModules(std::vector<base::string16>* module_names) { | 29 bool GetLoadedBlacklistedModules(std::vector<base::string16>* module_names) { |
31 DCHECK(module_names); | |
32 | |
33 std::set<ModuleInfo> module_info_set; | |
34 if (!GetLoadedModules(&module_info_set)) | |
35 return false; | |
36 | |
37 std::set<ModuleInfo>::const_iterator module_iter(module_info_set.begin()); | |
38 for (; module_iter != module_info_set.end(); ++module_iter) { | |
39 base::string16 module_file_name(base::ToLowerASCII( | |
40 base::FilePath(module_iter->name).BaseName().value())); | |
41 if (blacklist::GetBlacklistIndex(module_file_name.c_str()) != -1) { | |
42 module_names->push_back(module_iter->name); | |
43 } | |
44 } | |
45 | |
46 return true; | 30 return true; |
47 } | 31 } |
48 | 32 |
49 void VerifyBlacklistLoadState(scoped_ptr<IncidentReceiver> incident_receiver) { | 33 void VerifyBlacklistLoadState(scoped_ptr<IncidentReceiver> incident_receiver) { |
50 std::vector<base::string16> module_names; | 34 // TODO(implement this) |
51 if (GetLoadedBlacklistedModules(&module_names)) { | |
52 PathSanitizer path_sanitizer; | |
53 | |
54 const bool blacklist_intialized = blacklist::IsBlacklistInitialized(); | |
55 | |
56 for (const auto& module_name : module_names) { | |
57 scoped_ptr<ClientIncidentReport_IncidentData_BlacklistLoadIncident> | |
58 blacklist_load( | |
59 new ClientIncidentReport_IncidentData_BlacklistLoadIncident()); | |
60 | |
61 const base::FilePath module_path(module_name); | |
62 | |
63 // Sanitized path. | |
64 base::FilePath sanitized_path(module_path); | |
65 path_sanitizer.StripHomeDirectory(&sanitized_path); | |
66 blacklist_load->set_path(base::WideToUTF8(sanitized_path.value())); | |
67 | |
68 // Digest. | |
69 scoped_refptr<BinaryFeatureExtractor> | |
70 binary_feature_extractor(new BinaryFeatureExtractor()); | |
71 base::TimeTicks start_time = base::TimeTicks::Now(); | |
72 binary_feature_extractor->ExtractDigest(module_path, | |
73 blacklist_load->mutable_digest()); | |
74 UMA_HISTOGRAM_TIMES("SBIRS.BLAHashTime", | |
75 base::TimeTicks::Now() - start_time); | |
76 | |
77 // Version. | |
78 scoped_ptr<FileVersionInfo> version_info( | |
79 FileVersionInfo::CreateFileVersionInfo(module_path)); | |
80 if (version_info) { | |
81 std::wstring file_version = version_info->file_version(); | |
82 if (!file_version.empty()) | |
83 blacklist_load->set_version(base::WideToUTF8(file_version)); | |
84 } | |
85 | |
86 // Initialized state. | |
87 blacklist_load->set_blacklist_initialized(blacklist_intialized); | |
88 | |
89 // Signature. | |
90 start_time = base::TimeTicks::Now(); | |
91 binary_feature_extractor->CheckSignature( | |
92 module_path, blacklist_load->mutable_signature()); | |
93 UMA_HISTOGRAM_TIMES("SBIRS.BLASignatureTime", | |
94 base::TimeTicks::Now() - start_time); | |
95 | |
96 // Image headers. | |
97 if (!binary_feature_extractor->ExtractImageFeatures( | |
98 module_path, | |
99 BinaryFeatureExtractor::kDefaultOptions, | |
100 blacklist_load->mutable_image_headers(), | |
101 nullptr /* signed_data */)) { | |
102 blacklist_load->clear_image_headers(); | |
103 } | |
104 | |
105 // Send the report. | |
106 incident_receiver->AddIncidentForProcess(make_scoped_ptr( | |
107 new BlacklistLoadIncident(std::move(blacklist_load)))); | |
108 } | |
109 } | |
110 } | 35 } |
111 | 36 |
112 } // namespace safe_browsing | 37 } // namespace safe_browsing |
OLD | NEW |