Chromium Code Reviews

Issue 2336403002: Fix extension content verification out-of-band hash fetching (Closed)

Created:
4 years, 3 months ago by asargent_no_longer_on_chrome
Modified:
4 years, 3 months ago
Reviewers:
lazyboy
CC:
chromium-reviews, chromium-apps-reviews_chromium.org, extensions-reviews_chromium.org
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

Fix extension content verification out-of-band hash fetching

When we changed content verification to strict mode (crbug.com/601512), it turns out that the code for downloading missing verified_contents.json files from the webstore had two longstanding bugs that we never noticed due to insufficient tests:

a) Returning the results of a boolean expression as an integer
b) Use after free of an object

The end result is that when the patch for crbug.com/601512 hit stable, many users became unable to run the EFF's HTTPS Everywhere and Privacy Badger extensions because those are uploaded via a special process where the webstore does not have a copy of their private key and cannot include the verified_contents.json file in the .crx file; rather we rely on being able to download it after install but fail due to the above mentioned bugs.

This patch fixes the bugs and also introduces a change which clears the corruption "disable reason" on extension autoupdate, so that users who had the extension disabled because of this bug can get it re-enabled automatically by an extension autoupdate.

BUG=643814

Committed: https://crrev.com/e4de9f973eae513486d2912e1793e943fce70014
Cr-Commit-Position: refs/heads/master@{#418748}
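An added illustration of bug class (a) from the description above, not code from the Chromium patch: the function names, the in-memory stand-in for the file and the caller's size check are assumptions about how such a bug surfaces. It also shows how a one-byte test payload would hide the defect.

```cpp
#include <cstddef>
#include <iostream>
#include <string>
#include <vector>

// Constructed sample payload standing in for a downloaded hash file.
const std::string kSampleHashes = R"({"constructed":"sample payload"})";

// Hypothetical stand-in for the disk write: stores the payload and returns
// the number of bytes written, or -1 on error.
static int StoreBytes(std::vector<char>& sink, const std::string& data) {
  sink.assign(data.begin(), data.end());
  return static_cast<int>(sink.size());
}

// Bug class (a): declared to return a byte count, but returns a comparison.
// The bool converts to int silently, so every successful write yields 1.
int SaveHashesBuggy(std::vector<char>& sink, const std::string& data) {
  int written = StoreBytes(sink, data);
  return written == static_cast<int>(data.size());
}

// Corrected form: pass the byte count through unchanged.
int SaveHashesFixed(std::vector<char>& sink, const std::string& data) {
  return StoreBytes(sink, data);
}

// Caller-side check (assumed): the fetch counts as successful only if the
// reported count matches the payload size.
static bool Accepted(int result, const std::string& data) {
  return result >= 0 && static_cast<std::size_t>(result) == data.size();
}

bool BuggyAccepted(const std::string& data) {
  std::vector<char> sink;
  return Accepted(SaveHashesBuggy(sink, data), data);
}

bool FixedAccepted(const std::string& data) {
  std::vector<char> sink;
  return Accepted(SaveHashesFixed(sink, data), data);
}

int main() {
  std::cout << "buggy: " << BuggyAccepted(kSampleHashes)
            << " fixed: " << FixedAccepted(kSampleHashes)
            << " buggy, 1-byte payload: " << BuggyAccepted("x") << "\n";
}
```

With a fail-closed verifier, the buggy path reports every realistic download as a failed write even though the bytes were stored, which is the kind of silent failure a unit test with a real-sized payload catches.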

Patch Set 1 #

Total comments: 8

Patch Set 2 : review feedback #

Stats (+366 lines, -62 lines)
M chrome/browser/extensions/chrome_content_verifier_delegate.cc View 3 chunks +4 lines, -2 lines 0 comments Download
M chrome/browser/extensions/extension_service.cc View 2 chunks +6 lines, -0 lines 0 comments Download
M chrome/browser/extensions/extension_service_unittest.cc View 1 chunk +22 lines, -0 lines 0 comments Download
M chrome/common/extensions/extension_constants.h View 1 chunk +0 lines, -4 lines 0 comments Download
M chrome/common/extensions/extension_constants.cc View 1 chunk +0 lines, -30 lines 0 comments Download
M extensions/browser/BUILD.gn View 1 chunk +1 line, -0 lines 0 comments Download
M extensions/browser/content_hash_fetcher.h View 4 chunks +5 lines, -4 lines 0 comments Download
M extensions/browser/content_hash_fetcher.cc View 1 6 chunks +19 lines, -19 lines 0 comments Download
A extensions/browser/content_hash_fetcher_unittest.cc View 1 1 chunk +260 lines, -0 lines 0 comments Download
M extensions/browser/content_verifier.cc View 2 chunks +6 lines, -3 lines 0 comments Download
M extensions/common/constants.h View 1 chunk +4 lines, -0 lines 0 comments Download
M extensions/common/constants.cc View 1 chunk +30 lines, -0 lines 0 comments Download
A extensions/test/data/content_hash_fetcher/missing_verified_contents/README.txt View 1 chunk +8 lines, -0 lines 0 comments Download
A extensions/test/data/content_hash_fetcher/missing_verified_contents/source.zip View Binary file 0 comments Download
A extensions/test/data/content_hash_fetcher/missing_verified_contents/verified_contents.json View 1 chunk +1 line, -0 lines 0 comments Download

Messages

Total messages: 14 (8 generated)
asargent_no_longer_on_chrome
4 years, 3 months ago (2016-09-14 04:05:35 UTC) #2
lazyboy
lgtm % nits/suggestions https://codereview.chromium.org/2336403002/diff/1/extensions/browser/content_hash_fetcher.cc File extensions/browser/content_hash_fetcher.cc (right): https://codereview.chromium.org/2336403002/diff/1/extensions/browser/content_hash_fetcher.cc#newcode261 extensions/browser/content_hash_fetcher.cc:261: if (!base::CreateDirectoryAndGetError(dir, NULL)) nit: change to ...
4 years, 3 months ago (2016-09-14 22:23:20 UTC) #7
asargent_no_longer_on_chrome
https://codereview.chromium.org/2336403002/diff/1/extensions/browser/content_hash_fetcher.cc File extensions/browser/content_hash_fetcher.cc (right): https://codereview.chromium.org/2336403002/diff/1/extensions/browser/content_hash_fetcher.cc#newcode261 extensions/browser/content_hash_fetcher.cc:261: if (!base::CreateDirectoryAndGetError(dir, NULL)) On 2016/09/14 22:23:20, lazyboy wrote: > ...
4 years, 3 months ago (2016-09-14 23:26:24 UTC) #8
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2336403002/20001
4 years, 3 months ago (2016-09-14 23:29:02 UTC) #11
commit-bot: I haz the power
Committed patchset #2 (id:20001)
4 years, 3 months ago (2016-09-15 01:40:51 UTC) #12
commit-bot: I haz the power
4 years, 3 months ago (2016-09-15 01:43:14 UTC) #14
Message was sent while issue was closed.
Patchset 2 (id:??) landed as
https://crrev.com/e4de9f973eae513486d2912e1793e943fce70014
Cr-Commit-Position: refs/heads/master@{#418748}
