
Side by Side Diff: content/common/quarantine/quarantine_win.cc

Issue 2124373002: [PPAPI] Quarantine files that are writeable by a Pepper plugin. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@consolidate-file-metadata
Patch Set: Move quarantine_* files to content/common/quarantine/ Created 4 years ago
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/download/quarantine.h" 5 #include "content/public/common/quarantine.h"
6 6
7 #include <windows.h> 7 #include <windows.h>
8 8
9 #include <cguid.h> 9 #include <cguid.h>
10 #include <objbase.h> 10 #include <objbase.h>
11 #include <shellapi.h> 11 #include <shellapi.h>
12 #include <shlobj.h> 12 #include <shlobj.h>
13 #include <shobjidl.h> 13 #include <shobjidl.h>
14 #include <wininet.h> 14 #include <wininet.h>
15 15
16 #include <vector>
17
16 #include "base/files/file_util.h" 18 #include "base/files/file_util.h"
17 #include "base/guid.h" 19 #include "base/guid.h"
18 #include "base/logging.h" 20 #include "base/logging.h"
19 #include "base/macros.h" 21 #include "base/macros.h"
20 #include "base/metrics/histogram_macros.h" 22 #include "base/metrics/histogram_macros.h"
21 #include "base/metrics/sparse_histogram.h" 23 #include "base/metrics/sparse_histogram.h"
22 #include "base/strings/string_piece.h" 24 #include "base/strings/string_piece.h"
25 #include "base/strings/string_split.h"
23 #include "base/strings/utf_string_conversions.h" 26 #include "base/strings/utf_string_conversions.h"
24 #include "base/threading/thread_restrictions.h" 27 #include "base/threading/thread_restrictions.h"
25 #include "base/win/scoped_comptr.h" 28 #include "base/win/scoped_comptr.h"
26 #include "base/win/scoped_handle.h" 29 #include "base/win/scoped_handle.h"
27 #include "url/gurl.h" 30 #include "url/gurl.h"
28 31
29 namespace content { 32 namespace content {
30 namespace { 33 namespace {
31 34
32 // [MS-FSCC] Section 5.6.1 35 // [MS-FSCC] Section 5.6.1
(...skipping 27 matching lines...) Expand all
60 base::FilePath::StringType zone_identifier_path = 63 base::FilePath::StringType zone_identifier_path =
61 path.value() + kZoneIdentifierStreamSuffix; 64 path.value() + kZoneIdentifierStreamSuffix;
62 base::win::ScopedHandle file( 65 base::win::ScopedHandle file(
63 CreateFile(zone_identifier_path.c_str(), GENERIC_READ, kShare, nullptr, 66 CreateFile(zone_identifier_path.c_str(), GENERIC_READ, kShare, nullptr,
64 OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, nullptr)); 67 OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, nullptr));
65 if (!file.IsValid()) 68 if (!file.IsValid())
66 return false; 69 return false;
67 70
68 // The zone identifier contents is expected to be: 71 // The zone identifier contents is expected to be:
69 // "[ZoneTransfer]\r\nZoneId=3\r\n". The actual ZoneId can be different. A 72 // "[ZoneTransfer]\r\nZoneId=3\r\n". The actual ZoneId can be different. A
70 // buffer of 16 bytes is sufficient for testing whether the contents start 73 // buffer of 32 bytes is sufficient for verifying the contents.
71 // with "[ZoneTransfer]". 74 std::vector<char> zone_identifier_contents_buffer(32);
72 std::vector<char> zone_identifier_contents(16);
73 DWORD actual_length = 0; 75 DWORD actual_length = 0;
74 if (!ReadFile(file.Get(), &zone_identifier_contents.front(), 76 if (!ReadFile(file.Get(), &zone_identifier_contents_buffer.front(),
75 zone_identifier_contents.size(), &actual_length, NULL)) 77 zone_identifier_contents_buffer.size(), &actual_length, NULL))
76 return false; 78 return false;
77 base::StringPiece zone_identifier_string(&zone_identifier_contents.front(), 79 zone_identifier_contents_buffer.resize(actual_length);
78 actual_length); 80
79 return zone_identifier_string.find("[ZoneTransfer]") == 0; 81 std::string zone_identifier_contents(zone_identifier_contents_buffer.begin(),
82 zone_identifier_contents_buffer.end());
83
84 std::vector<std::string> lines =
85 base::SplitString(zone_identifier_contents, "\n", base::TRIM_WHITESPACE,
brettw 2016/12/06 22:48:42 I think you could use SplitStringPiece here instea
asanka 2016/12/08 15:13:29 Done.
86 base::SPLIT_WANT_NONEMPTY);
87 return lines.size() == 2 && lines[0] == "[ZoneTransfer]" &&
88 lines[1].find("ZoneId=") == 0;
80 } 89 }
81 90
82 void RecordAttachmentServicesSaveResult(const base::FilePath& file, 91 void RecordAttachmentServicesSaveResult(const base::FilePath& file,
83 HRESULT hr) { 92 HRESULT hr) {
84 bool file_exists = base::PathExists(file); 93 bool file_exists = base::PathExists(file);
85 switch (hr) { 94 switch (hr) {
86 case INET_E_SECURITY_PROBLEM: 95 case INET_E_SECURITY_PROBLEM:
87 RecordAttachmentServicesResult( 96 RecordAttachmentServicesResult(
88 file_exists ? AttachmentServicesResult::BLOCKED_WITH_FILE 97 file_exists ? AttachmentServicesResult::BLOCKED_WITH_FILE
89 : AttachmentServicesResult::BLOCKED_WITHOUT_FILE); 98 : AttachmentServicesResult::BLOCKED_WITHOUT_FILE);
(...skipping 236 matching lines...) Expand 10 before | Expand all | Expand 10 after
326 // if it was found to be infected. 335 // if it was found to be infected.
327 // 336 //
328 // If the file is still there, then the error could be due to Windows 337 // If the file is still there, then the error could be due to Windows
329 // Attachment Services not being available or some other error during the AES 338 // Attachment Services not being available or some other error during the AES
330 // invocation. In either case, we don't surface the error to the user. 339 // invocation. In either case, we don't surface the error to the user.
331 if (!base::PathExists(file)) 340 if (!base::PathExists(file))
332 return FailedSaveResultToQuarantineResult(save_result); 341 return FailedSaveResultToQuarantineResult(save_result);
333 return QuarantineFileResult::OK; 342 return QuarantineFileResult::OK;
334 } 343 }
335 344
345 bool IsFileQuarantined(const base::FilePath& file,
346 const GURL& source_url,
347 const GURL& referrer_url) {
348 return ZoneIdentifierPresentForFile(file);
349 }
350
336 } // namespace content 351 } // namespace content
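Review bot: IsFileQuarantined (new lines 345-349) ignores source_url and referrer_url and returns true for any Zone.Identifier stream whose second line merely starts with `ZoneId=`, so a file tagged with a trusted or local zone, or with an empty value, is still reported as quarantined. If callers use this as the security check for plugin-writable files, the limitation should at least be stated at the definition, e.g. `// Windows: only checks that a well-formed Zone.Identifier stream exists; the zone value and the URL arguments are not verified.` The `lines.size() == 2` test at new line 87 also runs on at most the first 32 bytes read, so a stream that carries any further line after ZoneId (some writers add more keys) would be reported as not quarantined; `lines.size() >= 2` would tolerate that. ZoneIdentifierPresentForFile begins in the skipped region, so its earlier lines are not visible here.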