Ignore ThreatMatch responses for lists that we don't care about.

components/safe_browsing_db/v4_get_hash_protocol_manager_unittest.cc

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/safe_browsing_db/v4_get_hash_protocol_manager.h"
 
 #include <memory>
 #include <vector>
 
 #include "base/base64.h"
@@ skipping 62 matching lines @@
   void SetUp() override {
     PlatformTest::SetUp();
     callback_called_ = false;
   }
 
   std::unique_ptr<V4GetHashProtocolManager> CreateProtocolManager() {
     V4ProtocolConfig config;
     config.client_name = kClient;
     config.version = kAppVer;
     config.key_param = kKeyParam;
-    StoresToCheck stores_to_check({GetUrlMalwareId(), GetChromeUrlApiId()});
+    StoresToCheck stores_to_check(
+        {GetUrlMalwareId(), GetChromeUrlApiId(),
+         ListIdentifier(CHROME_PLATFORM, URL, SOCIAL_ENGINEERING_PUBLIC),
+         ListIdentifier(CHROME_PLATFORM, URL,
+                        POTENTIALLY_HARMFUL_APPLICATION)});
     return V4GetHashProtocolManager::Create(NULL, stores_to_check, config);
   }
 
   static void SetupFetcherToReturnOKResponse(
       const net::TestURLFetcherFactory& factory,
       const std::vector<ResponseInfo>& infos) {
     net::TestURLFetcher* fetcher = factory.GetFetcherByID(0);
     DCHECK(fetcher);
     fetcher->set_status(net::URLRequestStatus());
     fetcher->set_response_code(200);
@@ skipping 184 matching lines @@
 
   // Verify the state of the cache.
   const FullHashCache* cache = pm->full_hash_cache_for_tests();
   // Check the cache.
   EXPECT_EQ(0u, cache->size());
 }
 
 TEST_F(V4GetHashProtocolManagerTest, TestGetHashRequest) {
   FindFullHashesRequest req;
   ThreatInfo* info = req.mutable_threat_info();
+  // The order of these is important.
   info->add_platform_types(GetCurrentPlatformType());
   info->add_platform_types(CHROME_PLATFORM);
 
   info->add_threat_entry_types(URL);
 
+  // The order of these is important.

[Nathan Parker, 2016/11/08 23:50:11]

How does the order matter?

[vakh (use Gerrit instead), 2016/11/10 01:05:56]

The order mattered because if they are not in the same order as they are in the
request generated by product code, then the base64 encoded strings won't match.

Turns out, the order in which the unordered_set returns values varies by
platform (which isn't wrong) so I changed the code to sort incoming
platform_types, threat_entry_types, and threat_types using a set and then store
them in a vector. That makes the order predictable.

   info->add_threat_types(MALWARE_THREAT);
+  info->add_threat_types(SOCIAL_ENGINEERING_PUBLIC);
+  info->add_threat_types(POTENTIALLY_HARMFUL_APPLICATION);
   info->add_threat_types(API_ABUSE);
 
   HashPrefix one = "hashone";
   HashPrefix two = "hashtwo";
   info->add_threat_entries()->set_hash(one);
   info->add_threat_entries()->set_hash(two);
 
   std::unique_ptr<V4GetHashProtocolManager> pm(CreateProtocolManager());
   req.mutable_client()->set_client_id(pm->config_.client_name);
   req.mutable_client()->set_client_version(pm->config_.version);
@@ skipping 20 matching lines @@
   ThreatMatch* m = res.add_matches();
   m->set_threat_type(API_ABUSE);
   m->set_platform_type(CHROME_PLATFORM);
   m->set_threat_entry_type(URL);
   m->mutable_cache_duration()->set_seconds(300);
   m->mutable_threat()->set_hash(full_hash);
   ThreatEntryMetadata::MetadataEntry* e =
       m->mutable_threat_entry_metadata()->add_entries();
   e->set_key("permission");
   e->set_value("NOTIFICATIONS");
+  // Add another ThreatMatch for a list we don't track. This response should
+  // get dropped.
+  m = res.add_matches();
+  m->set_threat_type(THREAT_TYPE_UNSPECIFIED);
+  m->set_platform_type(CHROME_PLATFORM);
+  m->set_threat_entry_type(URL);
+  m->mutable_cache_duration()->set_seconds(300);
+  m->mutable_threat()->set_hash(full_hash);
 
   // Serialize.
   std::string res_data;
   res.SerializeToString(&res_data);
 
   std::vector<FullHashInfo> full_hash_infos;
   base::Time cache_expire;
   EXPECT_TRUE(pm->ParseHashResponse(res_data, &full_hash_infos, &cache_expire));
 
   EXPECT_EQ(now + base::TimeDelta::FromSeconds(600), cache_expire);
+  // Even though the server responded with two ThreatMatch responses, one
+  // should have been dropped.
   ASSERT_EQ(1ul, full_hash_infos.size());
   const FullHashInfo& fhi = full_hash_infos[0];
   EXPECT_EQ(full_hash, fhi.full_hash);
   EXPECT_EQ(GetChromeUrlApiId(), fhi.list_id);
   EXPECT_EQ(1ul, fhi.metadata.api_permissions.size());
   EXPECT_EQ(1ul, fhi.metadata.api_permissions.count("NOTIFICATIONS"));
   EXPECT_EQ(now + base::TimeDelta::FromSeconds(300), fhi.positive_expiry);
   EXPECT_EQ(now + base::TimeDelta::FromSeconds(400), pm->next_gethash_time_);
 }
 
@@ skipping 387 matching lines @@
   full_hash = FullHash("Everything's shiny, Cap'n.");
   info = ResponseInfo(full_hash, GetChromeUrlApiId());
   info.key_values.emplace_back("permission", "GEOLOCATION");
   infos.push_back(info);
   SetupFetcherToReturnOKResponse(factory, infos);
 
   EXPECT_TRUE(callback_called());
 }
 
 }  // namespace safe_browsing