| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "content/browser/download/quarantine.h" |
| 6 #include "base/files/file_path.h" |
| 7 #include "base/files/file_util.h" |
| 8 #include "base/files/scoped_temp_dir.h" |
| 9 #include "base/test/histogram_tester.h" |
| 10 #include "net/base/filename_util.h" |
| 11 #include "testing/gtest/include/gtest/gtest.h" |
| 12 #include "url/gurl.h" |
| 13 |
| 14 namespace content { |
| 15 |
| 16 namespace { |
| 17 |
| 18 const char kDummySourceUrl[] = "https://example.com/foo"; |
| 19 const char kDummyReferrerUrl[] = "https://example.com/referrer"; |
| 20 const char kDummyClientGuid[] = "A1B69307-8FA2-4B6F-9181-EA06051A48A7"; |
| 21 |
| 22 const char kMotwForInternetZone[] = "[ZoneTransfer]\r\nZoneId=3\r\n"; |
| 23 const base::FilePath::CharType kMotwStreamSuffix[] = |
| 24 FILE_PATH_LITERAL(":Zone.Identifier"); |
| 25 |
| 26 } // namespace |
| 27 |
| 28 // If the file is missing, the QuarantineFile() call should return FILE_MISSING. |
| 29 TEST(QuarantineWinTest, MissingFile) { |
| 30 base::ScopedTempDir test_dir; |
| 31 ASSERT_TRUE(test_dir.CreateUniqueTempDir()); |
| 32 |
| 33 EXPECT_EQ(QuarantineFileResult::FILE_MISSING, |
| 34 QuarantineFile(test_dir.path().AppendASCII("does-not-exist.exe"), |
| 35 GURL(kDummySourceUrl), GURL(kDummyReferrerUrl), |
| 36 kDummyClientGuid)); |
| 37 } |
| 38 |
| 39 // On Windows systems, files downloaded from a local source are considered |
| 40 // trustworthy. Hence they aren't annotated with source information. This test |
| 41 // verifies this behavior since the other tests in this suite would pass with a |
| 42 // false positive if local files are being annotated with the MOTW for the |
| 43 // internet zone. |
| 44 TEST(QuarantineWinTest, LocalFileZoneAssumption_DependsOnLocalConfig) { |
| 45 base::HistogramTester histogram_tester; |
| 46 base::ScopedTempDir test_dir; |
| 47 ASSERT_TRUE(test_dir.CreateUniqueTempDir()); |
| 48 base::FilePath test_file = test_dir.path().AppendASCII("foo.exe"); |
| 49 ASSERT_EQ(5, base::WriteFile(test_file, "Hello", 5u)); |
| 50 |
| 51 EXPECT_EQ(QuarantineFileResult::OK, |
| 52 QuarantineFile(test_file, net::FilePathToFileURL(test_file), GURL(), |
| 53 kDummyClientGuid)); |
| 54 std::string contents; |
| 55 EXPECT_FALSE(base::ReadFileToString( |
| 56 base::FilePath(test_file.value() + kMotwStreamSuffix), &contents)); |
| 57 |
| 58 // Bucket 1 is SUCCESS_WITHOUT_MOTW. |
| 59 histogram_tester.ExpectUniqueSample("Download.AttachmentServices.Result", 1, |
| 60 1); |
| 61 } |
| 62 |
| 63 // A file downloaded from the internet should be annotated with .. something. |
| 64 // The specific zone assigned to our dummy source URL depends on the local |
| 65 // configuration. But no sane configuration should be treating the dummy URL as |
| 66 // a trusted source for anything. |
| 67 TEST(QuarantineWinTest, DownloadedFile_DependsOnLocalConfig) { |
| 68 base::HistogramTester histogram_tester; |
| 69 base::ScopedTempDir test_dir; |
| 70 ASSERT_TRUE(test_dir.CreateUniqueTempDir()); |
| 71 base::FilePath test_file = test_dir.path().AppendASCII("foo.exe"); |
| 72 ASSERT_EQ(5, base::WriteFile(test_file, "Hello", 5u)); |
| 73 |
| 74 EXPECT_EQ(QuarantineFileResult::OK, |
| 75 QuarantineFile(test_file, GURL(kDummySourceUrl), |
| 76 GURL(kDummyReferrerUrl), kDummyClientGuid)); |
| 77 std::string contents; |
| 78 ASSERT_TRUE(base::ReadFileToString( |
| 79 base::FilePath(test_file.value() + kMotwStreamSuffix), &contents)); |
| 80 // The actual assigned zone could be anything. So only testing that there is a |
| 81 // zone annotation. |
| 82 EXPECT_FALSE(contents.empty()); |
| 83 |
| 84 // Bucket 0 is SUCCESS_WITH_MOTW. |
| 85 histogram_tester.ExpectUniqueSample("Download.AttachmentServices.Result", 0, |
| 86 1); |
| 87 } |
| 88 |
| 89 // Empty files aren't passed to AVScanFile. They are instead marked manually. If |
| 90 // the file is passed to AVScanFile, then there wouldn't be a MOTW attached to |
| 91 // it and the test would fail. |
| 92 TEST(QuarantineWinTest, EmptyFile) { |
| 93 base::ScopedTempDir test_dir; |
| 94 ASSERT_TRUE(test_dir.CreateUniqueTempDir()); |
| 95 base::FilePath test_file = test_dir.path().AppendASCII("foo.exe"); |
| 96 ASSERT_EQ(0, base::WriteFile(test_file, "", 0u)); |
| 97 |
| 98 EXPECT_EQ(QuarantineFileResult::OK, |
| 99 QuarantineFile(test_file, net::FilePathToFileURL(test_file), GURL(), |
| 100 kDummyClientGuid)); |
| 101 std::string contents; |
| 102 ASSERT_TRUE(base::ReadFileToString( |
| 103 base::FilePath(test_file.value() + kMotwStreamSuffix), &contents)); |
| 104 EXPECT_STREQ(kMotwForInternetZone, contents.c_str()); |
| 105 } |
| 106 |
| 107 // If there is no client GUID supplied to the QuarantineFile() call, then rather |
| 108 // than invoking AVScanFile, the MOTW will be applied manually. If the file is |
| 109 // passed to AVScanFile, then there wouldn't be a MOTW attached to it and the |
| 110 // test would fail. |
| 111 TEST(QuarantineWinTest, NoClientGuid) { |
| 112 base::ScopedTempDir test_dir; |
| 113 ASSERT_TRUE(test_dir.CreateUniqueTempDir()); |
| 114 base::FilePath test_file = test_dir.path().AppendASCII("foo.exe"); |
| 115 ASSERT_EQ(5, base::WriteFile(test_file, "Hello", 5u)); |
| 116 |
| 117 EXPECT_EQ(QuarantineFileResult::OK, |
| 118 QuarantineFile(test_file, net::FilePathToFileURL(test_file), GURL(), |
| 119 std::string())); |
| 120 std::string contents; |
| 121 ASSERT_TRUE(base::ReadFileToString( |
| 122 base::FilePath(test_file.value() + kMotwStreamSuffix), &contents)); |
| 123 EXPECT_STREQ(kMotwForInternetZone, contents.c_str()); |
| 124 } |
| 125 |
| 126 } // content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2123023002:
[Downloads] Consolidate MOTW annotation APIs into a single API. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@move-safe-util-to-downloads