PVer4: Filter out the safe crxs before calling OnCheckExtensionsResult

components/safe_browsing_db/v4_local_database_manager.h

Index: components/safe_browsing_db/v4_local_database_manager.h
diff --git a/components/safe_browsing_db/v4_local_database_manager.h b/components/safe_browsing_db/v4_local_database_manager.h
index 4cf816067b7dbaeab0d5c4d2a78e1b40037caf79..e010dee3cef1be1d3fb7890f5409da052d1ef8c3 100644
--- a/components/safe_browsing_db/v4_local_database_manager.h
+++ b/components/safe_browsing_db/v4_local_database_manager.h
@@ -134,8 +134,8 @@ class V4LocalDatabaseManager : public SafeBrowsingDatabaseManager {
     // know whether the URL in |url| is safe or unsafe.
     const ClientCallbackType client_callback_type;
 
-    // The threat verdict for the URL being checked.
-    SBThreatType result_threat_type;
+    // The most severe threat verdict for the URLs/hashes being checked.
+    SBThreatType most_severe_threat_type;
 
     // When the check was sent to the SafeBrowsing service. Used to record the
     // time it takes to get the uncached full hashes from the service (or a
@@ -149,10 +149,13 @@ class V4LocalDatabaseManager : public SafeBrowsingDatabaseManager {
     // one of |full_hashes| and |urls| should be greater than 0.
     const std::vector<GURL> urls;
 
-    // The full hashes that are being checked for being safe. The size of
-    // exactly one of |full_hashes| and |urls| should be greater than 0.
+    // The full hashes that are being checked for being safe.
     std::vector<FullHash> full_hashes;
 
+    // The most severe SBThreatType for each full hash in |full_hashes|. The
+    // length of |full_hash_threat_type| must always match |full_hashes|.
+    std::vector<SBThreatType> full_hash_threat_types;

[Scott Hess - ex-Googler, 2017/03/13 21:43:06]

This feels clunky, like it should be a vector<pair<FullHash,SBThreatType>> in
the first place (or some other vector-of-combo).  But that also feels clunky. 
So I guess I'll just encourage thought on whether this has a more-elegant
alternative.

[vakh (use Gerrit instead), 2017/03/13 21:45:39]

Yes, I had the exact same argument in my head and chose to go with a this
because:
1. that would have been a bigger patch.
2. initializing full_hashes would have become less concise.

+
     // The metadata associated with the full hash of the severest match found
     // for that URL.
     ThreatMetadata url_metadata;
@@ -196,13 +199,18 @@ class V4LocalDatabaseManager : public SafeBrowsingDatabaseManager {
       const std::unique_ptr<PendingCheck>& check,
       FullHashToStoreAndHashPrefixesMap* full_hash_to_store_and_hash_prefixes);
 
-  // Finds the most severe |SBThreatType| and the corresponding |metadata|, and
-  // |matching_full_hash| from |full_hash_infos|.
+  // Goes over the |full_hash_infos| and stores the most severe SBThreatType in
+  // |most_severe_threat_type|, the corresponding metadata in |metadata|, and
+  // the matching full hash in |matching_full_hash|. Also, updates in
+  // |full_hash_threat_types|, the threat type for each full hash in
+  // |full_hashes|.
   void GetSeverestThreatTypeAndMetadata(
-      SBThreatType* result_threat_type,
+      const std::vector<FullHashInfo>& full_hash_infos,
+      const std::vector<FullHash>& full_hashes,
+      std::vector<SBThreatType>* full_hash_threat_types,
+      SBThreatType* most_severe_threat_type,
       ThreatMetadata* metadata,
-      FullHash* matching_full_hash,
-      const std::vector<FullHashInfo>& full_hash_infos);
+      FullHash* matching_full_hash);
 
   // Returns the SBThreatType for a given ListIdentifier.
   SBThreatType GetSBThreatTypeForList(const ListIdentifier& list_id);