| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/safe_browsing/download_protection_service.h" | 5 #include "chrome/browser/safe_browsing/download_protection_service.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 #include <stdint.h> | 8 #include <stdint.h> |
| 9 | 9 |
| 10 #include <map> | 10 #include <map> |
| 31 #include "base/threading/thread_task_runner_handle.h" | 31 #include "base/threading/thread_task_runner_handle.h" |
| 32 #include "chrome/browser/history/history_service_factory.h" | 32 #include "chrome/browser/history/history_service_factory.h" |
| 33 #include "chrome/browser/safe_browsing/download_feedback_service.h" | 33 #include "chrome/browser/safe_browsing/download_feedback_service.h" |
| 34 #include "chrome/browser/safe_browsing/incident_reporting/incident_reporting_ser
vice.h" | 34 #include "chrome/browser/safe_browsing/incident_reporting/incident_reporting_ser
vice.h" |
| 35 #include "chrome/browser/safe_browsing/local_database_manager.h" | 35 #include "chrome/browser/safe_browsing/local_database_manager.h" |
| 36 #include "chrome/browser/safe_browsing/safe_browsing_service.h" | 36 #include "chrome/browser/safe_browsing/safe_browsing_service.h" |
| 37 #include "chrome/common/chrome_switches.h" | 37 #include "chrome/common/chrome_switches.h" |
| 38 #include "chrome/common/pref_names.h" | 38 #include "chrome/common/pref_names.h" |
| 39 #include "chrome/common/safe_browsing/binary_feature_extractor.h" | 39 #include "chrome/common/safe_browsing/binary_feature_extractor.h" |
| 40 #include "chrome/common/safe_browsing/csd.pb.h" | 40 #include "chrome/common/safe_browsing/csd.pb.h" |
| 41 #include "chrome/common/safe_browsing/file_type_policies_test_util.h" |
| 41 #include "chrome/test/base/testing_profile.h" | 42 #include "chrome/test/base/testing_profile.h" |
| 42 #include "components/history/core/browser/history_service.h" | 43 #include "components/history/core/browser/history_service.h" |
| 43 #include "components/prefs/pref_service.h" | 44 #include "components/prefs/pref_service.h" |
| 44 #include "components/safe_browsing_db/database_manager.h" | 45 #include "components/safe_browsing_db/database_manager.h" |
| 45 #include "components/safe_browsing_db/test_database_manager.h" | 46 #include "components/safe_browsing_db/test_database_manager.h" |
| 46 #include "content/public/browser/download_danger_type.h" | 47 #include "content/public/browser/download_danger_type.h" |
| 47 #include "content/public/browser/page_navigator.h" | 48 #include "content/public/browser/page_navigator.h" |
| 48 #include "content/public/test/mock_download_item.h" | 49 #include "content/public/test/mock_download_item.h" |
| 49 #include "content/public/test/test_browser_thread_bundle.h" | 50 #include "content/public/test/test_browser_thread_bundle.h" |
| 50 #include "content/public/test/test_utils.h" | 51 #include "content/public/test/test_utils.h" |
| 270 .AppendASCII("download_protection"); | 271 .AppendASCII("download_protection"); |
| 271 | 272 |
| 272 // Setup a profile | 273 // Setup a profile |
| 273 ASSERT_TRUE(profile_dir_.CreateUniqueTempDir()); | 274 ASSERT_TRUE(profile_dir_.CreateUniqueTempDir()); |
| 274 profile_.reset(new TestingProfile(profile_dir_.path())); | 275 profile_.reset(new TestingProfile(profile_dir_.path())); |
| 275 ASSERT_TRUE(profile_->CreateHistoryService(true /* delete_file */, | 276 ASSERT_TRUE(profile_->CreateHistoryService(true /* delete_file */, |
| 276 false /* no_db */)); | 277 false /* no_db */)); |
| 277 | 278 |
| 278 // Setup a directory to place test files in. | 279 // Setup a directory to place test files in. |
| 279 ASSERT_TRUE(temp_dir_.CreateUniqueTempDir()); | 280 ASSERT_TRUE(temp_dir_.CreateUniqueTempDir()); |
| 281 |
| 282 // Turn off binary sampling by default. |
| 283 SetBinarySamplingProbability(0.0); |
| 280 } | 284 } |
| 281 | 285 |
| 282 void TearDown() override { | 286 void TearDown() override { |
| 283 client_download_request_subscription_.reset(); | 287 client_download_request_subscription_.reset(); |
| 284 sb_service_->ShutDown(); | 288 sb_service_->ShutDown(); |
| 285 // Flush all of the thread message loops to ensure that there are no | 289 // Flush all of the thread message loops to ensure that there are no |
| 286 // tasks currently running. | 290 // tasks currently running. |
| 287 FlushThreadMessageLoops(); | 291 FlushThreadMessageLoops(); |
| 288 sb_service_ = NULL; | 292 sb_service_ = NULL; |
| 289 } | 293 } |
| 290 | 294 |
| 291 void SetWhitelistedDownloadSampleRate(double target_rate) { | 295 void SetWhitelistedDownloadSampleRate(double target_rate) { |
| 292 download_service_->whitelist_sample_rate_ = target_rate; | 296 download_service_->whitelist_sample_rate_ = target_rate; |
| 293 } | 297 } |
| 294 | 298 |
| 299 void SetBinarySamplingProbability(double target_rate) { |
| 300 std::unique_ptr<DownloadFileTypeConfig> config = |
| 301 policies_.DuplicateConfig(); |
| 302 config->set_sampled_ping_probability(target_rate); |
| 303 policies_.SwapConfig(config); |
| 304 } |
| 305 |
| 295 bool RequestContainsResource(const ClientDownloadRequest& request, | 306 bool RequestContainsResource(const ClientDownloadRequest& request, |
| 296 ClientDownloadRequest::ResourceType type, | 307 ClientDownloadRequest::ResourceType type, |
| 297 const std::string& url, | 308 const std::string& url, |
| 298 const std::string& referrer) { | 309 const std::string& referrer) { |
| 299 for (int i = 0; i < request.resources_size(); ++i) { | 310 for (int i = 0; i < request.resources_size(); ++i) { |
| 300 if (request.resources(i).url() == url && | 311 if (request.resources(i).url() == url && |
| 301 request.resources(i).type() == type && | 312 request.resources(i).type() == type && |
| 302 (referrer.empty() || request.resources(i).referrer() == referrer)) { | 313 (referrer.empty() || request.resources(i).referrer() == referrer)) { |
| 303 return true; | 314 return true; |
| 304 } | 315 } |
| 501 is_extended_reporting); | 512 is_extended_reporting); |
| 502 } | 513 } |
| 503 | 514 |
| 504 // Check scenarios where we should/shouldn't send a report for | 515 // Check scenarios where we should/shouldn't send a report for |
| 505 // a corrupted zip. | 516 // a corrupted zip. |
| 506 void CheckClientDownloadReportCorruptZip(bool is_extended_reporting, | 517 void CheckClientDownloadReportCorruptZip(bool is_extended_reporting, |
| 507 bool is_incognito); | 518 bool is_incognito); |
| 508 | 519 |
| 509 | 520 |
| 510 protected: | 521 protected: |
| 522 // This will effectivly mask the global Singleton while this is in scope. |
| 523 FileTypePoliciesTestOverlay policies_; |
| 524 |
| 511 scoped_refptr<FakeSafeBrowsingService> sb_service_; | 525 scoped_refptr<FakeSafeBrowsingService> sb_service_; |
| 512 scoped_refptr<MockBinaryFeatureExtractor> binary_feature_extractor_; | 526 scoped_refptr<MockBinaryFeatureExtractor> binary_feature_extractor_; |
| 513 DownloadProtectionService* download_service_; | 527 DownloadProtectionService* download_service_; |
| 514 DownloadProtectionService::DownloadCheckResult result_; | 528 DownloadProtectionService::DownloadCheckResult result_; |
| 515 bool has_result_; | 529 bool has_result_; |
| 516 content::TestBrowserThreadBundle test_browser_thread_bundle_; | 530 content::TestBrowserThreadBundle test_browser_thread_bundle_; |
| 517 content::InProcessUtilityThreadHelper in_process_utility_thread_helper_; | 531 content::InProcessUtilityThreadHelper in_process_utility_thread_helper_; |
| 518 base::FilePath testdata_path_; | 532 base::FilePath testdata_path_; |
| 519 DownloadProtectionService::ClientDownloadRequestSubscription | 533 DownloadProtectionService::ClientDownloadRequestSubscription |
| 520 client_download_request_subscription_; | 534 client_download_request_subscription_; |
| 804 .WillRepeatedly(Return(profile_.get())); | 818 .WillRepeatedly(Return(profile_.get())); |
| 805 download_service_->CheckClientDownload( | 819 download_service_->CheckClientDownload( |
| 806 &item, | 820 &item, |
| 807 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 821 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 808 base::Unretained(this))); | 822 base::Unretained(this))); |
| 809 MessageLoop::current()->Run(); | 823 MessageLoop::current()->Run(); |
| 810 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); | 824 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); |
| 811 EXPECT_FALSE(HasClientDownloadRequest()); | 825 EXPECT_FALSE(HasClientDownloadRequest()); |
| 812 } | 826 } |
| 813 | 827 |
| 828 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadSampledFile) { |
| 829 // Server response will be discarded. |
| 830 net::FakeURLFetcherFactory factory(NULL); |
| 831 PrepareResponse( |
| 832 &factory, ClientDownloadResponse::DANGEROUS, net::HTTP_OK, |
| 833 net::URLRequestStatus::SUCCESS); |
| 834 |
| 835 content::MockDownloadItem item; |
| 836 PrepareBasicDownloadItem( |
| 837 &item, |
| 838 std::vector<std::string>(), // empty url_chain |
| 839 "http://www.google.com/", // referrer |
| 840 FILE_PATH_LITERAL("a.tmp"), // tmp_path |
| 841 FILE_PATH_LITERAL("a.foobar_unknown_ype")); // final_path |
| 842 EXPECT_CALL(*binary_feature_extractor_.get(), CheckSignature(tmp_path_, _)) |
| 843 .Times(1); |
| 844 EXPECT_CALL(*binary_feature_extractor_.get(), |
| 845 ExtractImageFeatures( |
| 846 tmp_path_, BinaryFeatureExtractor::kDefaultOptions, _, _)) |
| 847 .Times(1); |
| 848 url_chain_.push_back(GURL("http://www.whitelist.com/a.foobar_unknown_type")); |
| 849 |
| 850 // Set ping sample rate to 1.00 so download_service_ will always send a |
| 851 // "light" ping for unknown types if allowed. |
| 852 SetBinarySamplingProbability(1.0); |
| 853 |
| 854 // Case (1): is_extended_reporting && is_incognito. |
| 855 // ClientDownloadRequest should NOT be sent. |
| 856 SetExtendedReportingPreference(true); |
| 857 EXPECT_CALL(item, GetBrowserContext()) |
| 858 .WillRepeatedly(Return(profile_->GetOffTheRecordProfile())); |
| 859 download_service_->CheckClientDownload( |
| 860 &item, |
| 861 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 862 base::Unretained(this))); |
| 863 MessageLoop::current()->Run(); |
| 864 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 865 EXPECT_FALSE(HasClientDownloadRequest()); |
| 866 |
| 867 // Case (2): is_extended_reporting && !is_incognito. |
| 868 // A "light" ClientDownloadRequest should be sent. |
| 869 EXPECT_CALL(item, GetBrowserContext()) |
| 870 .WillRepeatedly(Return(profile_.get())); |
| 871 download_service_->CheckClientDownload( |
| 872 &item, |
| 873 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 874 base::Unretained(this))); |
| 875 MessageLoop::current()->Run(); |
| 876 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 877 EXPECT_TRUE(HasClientDownloadRequest()); |
| 878 // Verify it's a "light" ping, check that URLs don't have paths, and |
| 879 // and verify filename is just an extension. |
| 880 auto* req = GetClientDownloadRequest(); |
| 881 EXPECT_EQ(ClientDownloadRequest::SAMPLED_UNSUPPORTED_FILE, |
| 882 req->download_type()); |
| 883 EXPECT_EQ(GURL(req->url()).GetOrigin().spec(), req->url()); |
| 884 for (auto resource : req->resources()) { |
| 885 EXPECT_EQ(GURL(resource.url()).GetOrigin().spec(), resource.url()); |
| 886 EXPECT_EQ(GURL(resource.referrer()).GetOrigin().spec(), |
| 887 resource.referrer()); |
| 888 } |
| 889 EXPECT_EQ('.', req->file_basename()[0]); |
| 890 |
| 891 ClearClientDownloadRequest(); |
| 892 |
| 893 // Case (3): !is_extended_reporting && is_incognito. |
| 894 // ClientDownloadRequest should NOT be sent. |
| 895 SetExtendedReportingPreference(false); |
| 896 EXPECT_CALL(item, GetBrowserContext()) |
| 897 .WillRepeatedly(Return(profile_->GetOffTheRecordProfile())); |
| 898 download_service_->CheckClientDownload( |
| 899 &item, |
| 900 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 901 base::Unretained(this))); |
| 902 MessageLoop::current()->Run(); |
| 903 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 904 EXPECT_FALSE(HasClientDownloadRequest()); |
| 905 |
| 906 // Case (4): !is_extended_reporting && !is_incognito. |
| 907 // ClientDownloadRequest should NOT be sent. |
| 908 EXPECT_CALL(item, GetBrowserContext()) |
| 909 .WillRepeatedly(Return(profile_.get())); |
| 910 download_service_->CheckClientDownload( |
| 911 &item, |
| 912 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 913 base::Unretained(this))); |
| 914 MessageLoop::current()->Run(); |
| 915 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 916 EXPECT_FALSE(HasClientDownloadRequest()); |
| 917 } |
| 918 |
| 814 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadFetchFailed) { | 919 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadFetchFailed) { |
| 815 // HTTP request will fail. | 920 // HTTP request will fail. |
| 816 net::FakeURLFetcherFactory factory(NULL); | 921 net::FakeURLFetcherFactory factory(NULL); |
| 817 PrepareResponse( | 922 PrepareResponse( |
| 818 &factory, ClientDownloadResponse::SAFE, net::HTTP_INTERNAL_SERVER_ERROR, | 923 &factory, ClientDownloadResponse::SAFE, net::HTTP_INTERNAL_SERVER_ERROR, |
| 819 net::URLRequestStatus::FAILED); | 924 net::URLRequestStatus::FAILED); |
| 820 | 925 |
| 821 content::MockDownloadItem item; | 926 content::MockDownloadItem item; |
| 822 PrepareBasicDownloadItem( | 927 PrepareBasicDownloadItem( |
| 823 &item, | 928 &item, |
| 2150 &item, base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 2255 &item, base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 2151 base::Unretained(this))); | 2256 base::Unretained(this))); |
| 2152 MessageLoop::current()->Run(); | 2257 MessageLoop::current()->Run(); |
| 2153 | 2258 |
| 2154 EXPECT_FALSE(HasClientDownloadRequest()); | 2259 EXPECT_FALSE(HasClientDownloadRequest()); |
| 2155 // Overriden by flag: | 2260 // Overriden by flag: |
| 2156 EXPECT_TRUE(IsResult(DownloadProtectionService::DANGEROUS)); | 2261 EXPECT_TRUE(IsResult(DownloadProtectionService::DANGEROUS)); |
| 2157 } | 2262 } |
| 2158 | 2263 |
| 2159 } // namespace safe_browsing | 2264 } // namespace safe_browsing |
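Review bot: In the new CheckClientDownloadSampledFile test, Case (2) (new lines 878-889), the checks that the "light" ping carries no URL paths and no file name are weaker than the comment above them claims. The referrer handed to PrepareBasicDownloadItem is `"http://www.google.com/"`, which is already a bare origin, so the `resource.referrer()` comparison would presumably still pass if referrers were sent unstripped; a fixture referrer with a path and query (constructed example: `"http://www.google.com/dir/page?q=1"`) would actually exercise the stripping. `EXPECT_EQ('.', req->file_basename()[0]);` inspects only the first character, so with the current fixture `EXPECT_EQ(".foobar_unknown_ype", req->file_basename());` would pin that nothing but the extension leaves the client (assuming the extension is what the light ping is meant to keep). The loop should bind `for (const auto& resource : req->resources())` to avoid copying each message. Separately, the final_path literal `a.foobar_unknown_ype` at new line 841 looks like a typo for the `a.foobar_unknown_type` used in the URL at new line 848.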