[Downloads] Move client guid for AV scanning of downloaded files to chrome/

base/file_util_win.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "base/file_util.h"
 
 #include <windows.h>
 #include <psapi.h>
 #include <shellapi.h>
 #include <shlobj.h>
 #include <time.h>
 
 #include <algorithm>
 #include <limits>
 #include <string>
 
 #include "base/files/file_path.h"
 #include "base/logging.h"
 #include "base/metrics/histogram.h"
 #include "base/process/process_handle.h"
 #include "base/rand_util.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/strings/string_util.h"
 #include "base/strings/utf_string_conversions.h"
 #include "base/threading/thread_restrictions.h"
 #include "base/time/time.h"
+#include "base/win/scoped_comptr.h"
 #include "base/win/scoped_handle.h"
 #include "base/win/windows_version.h"
 
 namespace base {
 
 namespace {
 
 const DWORD kFileShareAll =
     FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE;
 
@@ skipping 28 matching lines @@
   file_operation.pFrom = double_terminated_path_from;
   file_operation.pTo = double_terminated_path_to;
   file_operation.fFlags = FOF_NOERRORUI | FOF_SILENT | FOF_NOCONFIRMATION |
                           FOF_NOCONFIRMMKDIR;
   if (!recursive)
     file_operation.fFlags |= FOF_NORECURSION | FOF_FILESONLY;
 
   return (SHFileOperation(&file_operation) == 0);
 }
 
+// Sets the Zone Identifier on the file to "Internet" (3). Returns true if the
+// function succeeds, false otherwise. A failure is expected on system where
+// the Zone Identifier is not supported, like a machine with a FAT32 filesystem.
+// This function does not invoke Windows Attachment Execution Services.
+//
+// |full_path| is the path to the downloaded file.
+bool SetInternetZoneIdentifierDirectly(const FilePath& full_path) {
+  const DWORD kShare = FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE;
+  std::wstring path = full_path.value() + L":Zone.Identifier";
+  HANDLE file = CreateFile(path.c_str(), GENERIC_WRITE, kShare, NULL,
+                           OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
+  if (INVALID_HANDLE_VALUE == file)
+    return false;
+
+  static const char kIdentifier[] = "[ZoneTransfer]\r\nZoneId=3\r\n";
+  // Don't include trailing null in data written.
+  static const DWORD kIdentifierSize = arraysize(kIdentifier) - 1;
+  DWORD written = 0;
+  BOOL result = WriteFile(file, kIdentifier, kIdentifierSize, &written, NULL);
+  BOOL flush_result = FlushFileBuffers(file);
+  CloseHandle(file);
+
+  if (!result || !flush_result || written != kIdentifierSize) {
+    NOTREACHED();
+    return false;
+  }
+
+  return true;
+}
+
 }  // namespace
 
 FilePath MakeAbsoluteFilePath(const FilePath& input) {
   ThreadRestrictions::AssertIOAllowed();
   wchar_t file_path[MAX_PATH];
   if (!_wfullpath(file_path, input.value().c_str(), MAX_PATH))
     return FilePath();
   return FilePath(file_path);
 }
 
@@ skipping 55 matching lines @@
   ThreadRestrictions::AssertIOAllowed();
 
   if (path.value().length() >= MAX_PATH)
     return false;
 
   return MoveFileEx(path.value().c_str(), NULL,
                     MOVEFILE_DELAY_UNTIL_REBOOT |
                         MOVEFILE_REPLACE_EXISTING) != FALSE;
 }
 
+HRESULT AVScanFile(const FilePath& full_path,
+                   const std::string& source_url,
+                   const GUID& client_guid) {
+  win::ScopedComPtr<IAttachmentExecute> attachment_services;
+  HRESULT hr = attachment_services.CreateInstance(CLSID_AttachmentServices);
+
+  if (FAILED(hr)) {
+    // The thread must have COM initialized.
+    DCHECK_NE(CO_E_NOTINITIALIZED, hr);
+
+    // We don't have Attachment Execution Services, it must be a pre-XP.SP2
+    // Windows installation, or the thread does not have COM initialized. Try to
+    // set the zone information directly. Failure is not considered an error.
+    SetInternetZoneIdentifierDirectly(full_path);
+    return hr;
+  }
+
+  if (client_guid != GUID_NULL) {
+    hr = attachment_services->SetClientGuid(client_guid);
+    if (FAILED(hr))
+      return hr;
+  }
+
+  hr = attachment_services->SetLocalPath(full_path.value().c_str());
+  if (FAILED(hr))
+    return hr;
+
+  if (!source_url.empty()) {
+    hr = attachment_services->SetSource(UTF8ToWide(source_url).c_str());
+    if (FAILED(hr))
+      return hr;
+  }
+
+  // A failure in the Save() call below could result in the downloaded file
+  // being deleted.
+  return attachment_services->Save();
+}
+
 bool ReplaceFile(const FilePath& from_path,
                  const FilePath& to_path,
                  PlatformFileError* error) {
   ThreadRestrictions::AssertIOAllowed();
   // Try a simple move first.  It will only succeed when |to_path| doesn't
   // already exist.
   if (::MoveFile(from_path.value().c_str(), to_path.value().c_str()))
     return true;
   // Try the full-blown replace if the move fails, as ReplaceFile will only
   // succeed when |to_path| does exist. When writing to a network share, we may
@@ skipping 590 matching lines @@
     // Like Move, this function is not transactional, so we just
     // leave the copied bits behind if deleting from_path fails.
     // If to_path exists previously then we have already overwritten
     // it by now, we don't get better off by deleting the new bits.
   }
   return false;
 }
 
 }  // namespace internal
 }  // namespace base