| OLD | NEW |
|---|
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/files/file_path.h" | 5 #include "base/files/file_path.h" |
| 6 #include "base/files/file_util.h" | 6 #include "base/files/file_util.h" |
| 7 #include "base/files/scoped_temp_dir.h" | 7 #include "base/files/scoped_temp_dir.h" |
| 8 #include "base/memory/ptr_util.h" | 8 #include "base/memory/ptr_util.h" |
| 9 #include "base/path_service.h" | 9 #include "base/path_service.h" |
| 10 #include "base/run_loop.h" | 10 #include "base/run_loop.h" |
| 11 #include "base/version.h" | 11 #include "base/version.h" |
| 12 #include "content/public/browser/browser_thread.h" | 12 #include "content/public/browser/browser_thread.h" |
| 13 #include "content/public/test/test_browser_thread_bundle.h" | 13 #include "content/public/test/test_browser_thread_bundle.h" |
| 14 #include "extensions/browser/content_hash_reader.h" | 14 #include "extensions/browser/content_hash_reader.h" |
| 15 #include "extensions/browser/extensions_test.h" | 15 #include "extensions/browser/extensions_test.h" |
| 16 #include "extensions/common/constants.h" | 16 #include "extensions/common/constants.h" |
| 17 #include "extensions/common/extension_paths.h" | 17 #include "extensions/common/extension_paths.h" |
| 18 #include "extensions/common/file_util.h" | 18 #include "extensions/common/file_util.h" |
| 19 #include "testing/gtest/include/gtest/gtest.h" | 19 #include "testing/gtest/include/gtest/gtest.h" |
| 20 #include "third_party/zlib/google/zip.h" | 20 #include "third_party/zlib/google/zip.h" |
| 21 | 21 |
| 22 namespace extensions { | 22 namespace extensions { |
| 23 | 23 |
| 24 namespace { | 24 namespace { |
| 25 | 25 |
| 26 scoped_refptr<ContentHashReader> CreateContentHashReader( | 26 scoped_refptr<ContentHashReader> CreateContentHashReader( |
| 27 const Extension& extension, | 27 const Extension& extension, |
| 28 base::FilePath& extension_resource_path) { | 28 const base::FilePath& extension_resource_path) { |
| 29 return make_scoped_refptr(new ContentHashReader( | 29 return make_scoped_refptr(new ContentHashReader( |
| 30 extension.id(), *extension.version(), extension.path(), | 30 extension.id(), *extension.version(), extension.path(), |
| 31 extension_resource_path, | 31 extension_resource_path, |
| 32 ContentVerifierKey(kWebstoreSignaturesPublicKey, | 32 ContentVerifierKey(kWebstoreSignaturesPublicKey, |
| 33 kWebstoreSignaturesPublicKeySize))); | 33 kWebstoreSignaturesPublicKeySize))); |
| 34 } | 34 } |
| 35 | 35 |
| 36 void DoNothingWithReasonParam(ContentVerifyJob::FailureReason reason) {} | 36 void DoNothingWithReasonParam(ContentVerifyJob::FailureReason reason) {} |
| 37 | 37 |
| 38 class JobTestObserver : public ContentVerifyJob::TestObserver { | 38 class JobTestObserver : public ContentVerifyJob::TestObserver { |
| (...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 106 *destination = temp_dir_.GetPath(); | 106 *destination = temp_dir_.GetPath(); |
| 107 EXPECT_TRUE(zip::Unzip(extension_zip, *destination)); | 107 EXPECT_TRUE(zip::Unzip(extension_zip, *destination)); |
| 108 | 108 |
| 109 std::string error; | 109 std::string error; |
| 110 scoped_refptr<Extension> extension = file_util::LoadExtension( | 110 scoped_refptr<Extension> extension = file_util::LoadExtension( |
| 111 *destination, Manifest::INTERNAL, 0 /* flags */, &error); | 111 *destination, Manifest::INTERNAL, 0 /* flags */, &error); |
| 112 EXPECT_NE(nullptr, extension.get()) << " error:'" << error << "'"; | 112 EXPECT_NE(nullptr, extension.get()) << " error:'" << error << "'"; |
| 113 return extension; | 113 return extension; |
| 114 } | 114 } |
| 115 | 115 |
| 116 protected: |
| 117 ContentVerifyJob::FailureReason RunContentVerifyJob( |
| 118 const Extension& extension, |
| 119 const base::FilePath& resource_path, |
| 120 std::string& resource_contents) { |
| 121 JobTestObserver observer(extension.id(), resource_path); |
| 122 scoped_refptr<ContentHashReader> content_hash_reader = |
| 123 CreateContentHashReader(extension, resource_path); |
| 124 scoped_refptr<ContentVerifyJob> verify_job = new ContentVerifyJob( |
| 125 content_hash_reader.get(), base::Bind(&DoNothingWithReasonParam)); |
| 126 verify_job->Start(); |
| 127 { |
| 128 // Simulate serving |resource_contents| from |resource_path|. |
| 129 verify_job->BytesRead(resource_contents.size(), |
| 130 base::string_as_array(&resource_contents)); |
| 131 verify_job->DoneReading(); |
| 132 } |
| 133 return observer.WaitAndGetFailureReason(); |
| 134 } |
| 135 |
| 116 private: | 136 private: |
| 117 base::ScopedTempDir temp_dir_; | 137 base::ScopedTempDir temp_dir_; |
| 118 std::unique_ptr<content::TestBrowserThreadBundle> browser_threads_; | 138 std::unique_ptr<content::TestBrowserThreadBundle> browser_threads_; |
| 119 | 139 |
| 120 DISALLOW_COPY_AND_ASSIGN(ContentVerifyJobUnittest); | 140 DISALLOW_COPY_AND_ASSIGN(ContentVerifyJobUnittest); |
| 121 }; | 141 }; |
| 122 | 142 |
| 123 // Tests that deleted legitimate files trigger content verification failure. | 143 // Tests that deleted legitimate files trigger content verification failure. |
| 124 // Also tests that non-existent file request does not trigger content | 144 // Also tests that non-existent file request does not trigger content |
| 125 // verification failure. | 145 // verification failure. |
| 126 TEST_F(ContentVerifyJobUnittest, DeletedAndMissingFiles) { | 146 TEST_F(ContentVerifyJobUnittest, DeletedAndMissingFiles) { |
| 127 base::FilePath unzipped_path; | 147 base::FilePath unzipped_path; |
| 128 base::FilePath test_dir_base = | 148 base::FilePath test_dir_base = |
| 129 GetTestPath(base::FilePath(FILE_PATH_LITERAL("with_verified_contents"))); | 149 GetTestPath(base::FilePath(FILE_PATH_LITERAL("with_verified_contents"))); |
| 130 scoped_refptr<Extension> extension = UnzipToTempDirAndLoad( | 150 scoped_refptr<Extension> extension = UnzipToTempDirAndLoad( |
| 131 test_dir_base.AppendASCII("source_all.zip"), &unzipped_path); | 151 test_dir_base.AppendASCII("source_all.zip"), &unzipped_path); |
| 132 ASSERT_TRUE(extension.get()); | 152 ASSERT_TRUE(extension.get()); |
| 133 // Make sure there is a verified_contents.json file there as this test cannot | 153 // Make sure there is a verified_contents.json file there as this test cannot |
| 134 // fetch it. | 154 // fetch it. |
| 135 EXPECT_TRUE( | 155 EXPECT_TRUE( |
| 136 base::PathExists(file_util::GetVerifiedContentsPath(extension->path()))); | 156 base::PathExists(file_util::GetVerifiedContentsPath(extension->path()))); |
| 137 | 157 |
| 138 const base::FilePath::CharType kExistentResource[] = | 158 const base::FilePath::CharType kExistentResource[] = |
| 139 FILE_PATH_LITERAL("background.js"); | 159 FILE_PATH_LITERAL("background.js"); |
| 140 base::FilePath existent_resource_path(kExistentResource); | 160 base::FilePath existent_resource_path(kExistentResource); |
| 141 { | 161 { |
| 142 // Make sure background.js passes verification correctly. | 162 // Make sure background.js passes verification correctly. |
| 143 JobTestObserver observer(extension->id(), existent_resource_path); | 163 std::string contents; |
| 144 | 164 base::ReadFileToString( |
| 145 scoped_refptr<ContentHashReader> content_hash_reader = | 165 unzipped_path.Append(base::FilePath(kExistentResource)), &contents); |
| 146 CreateContentHashReader(*extension.get(), existent_resource_path); | 166 EXPECT_EQ(ContentVerifyJob::NONE, |
| 147 scoped_refptr<ContentVerifyJob> verify_job = new ContentVerifyJob( | 167 RunContentVerifyJob(*extension.get(), existent_resource_path, |
| 148 content_hash_reader.get(), base::Bind(&DoNothingWithReasonParam)); | 168 contents)); |
| 149 verify_job->Start(); | |
| 150 { | |
| 151 // Simulate serving background.js. | |
| 152 std::string background_contents; | |
| 153 base::ReadFileToString( | |
| 154 unzipped_path.Append(base::FilePath(kExistentResource)), | |
| 155 &background_contents); | |
| 156 verify_job->BytesRead(background_contents.size(), | |
| 157 base::string_as_array(&background_contents)); | |
| 158 verify_job->DoneReading(); | |
| 159 } | |
| 160 ContentVerifyJob::FailureReason reason = observer.WaitAndGetFailureReason(); | |
| 161 // Expect no content-verification failure. | |
| 162 EXPECT_EQ(ContentVerifyJob::NONE, reason); | |
| 163 } | 169 } |
| 164 | 170 |
| 165 { | 171 { |
| 166 // Once background.js is deleted, verification will result in HASH_MISMATCH. | 172 // Once background.js is deleted, verification will result in HASH_MISMATCH. |
| 167 JobTestObserver observer(extension->id(), existent_resource_path); | 173 // Delete the existent file first. |
| 168 // Now delete the existent file. | |
| 169 EXPECT_TRUE(base::DeleteFile( | 174 EXPECT_TRUE(base::DeleteFile( |
| 170 unzipped_path.Append(base::FilePath(kExistentResource)), false)); | 175 unzipped_path.Append(base::FilePath(kExistentResource)), false)); |
| 171 | 176 |
| 172 scoped_refptr<ContentHashReader> content_hash_reader = | 177 // Deleted file will serve empty contents. |
| 173 CreateContentHashReader(*extension.get(), existent_resource_path); | 178 std::string empty_contents; |
| 174 scoped_refptr<ContentVerifyJob> verify_job = new ContentVerifyJob( | 179 EXPECT_EQ(ContentVerifyJob::HASH_MISMATCH, |
| 175 content_hash_reader.get(), base::Bind(&DoNothingWithReasonParam)); | 180 RunContentVerifyJob(*extension.get(), existent_resource_path, |
| 176 verify_job->Start(); | 181 empty_contents)); |
| 177 { | |
| 178 // Simulate serving deleted background.js. | |
| 179 std::string tmp; | |
| 180 verify_job->BytesRead(0, base::string_as_array(&tmp)); | |
| 181 verify_job->DoneReading(); | |
| 182 } | |
| 183 ContentVerifyJob::FailureReason reason = observer.WaitAndGetFailureReason(); | |
| 184 EXPECT_EQ(ContentVerifyJob::HASH_MISMATCH, reason); | |
| 185 } | 182 } |
| 186 | 183 |
| 187 { | 184 { |
| 188 // Now ask for a non-existent resource non-existent.js. Verification should | 185 // Now ask for a non-existent resource non-existent.js. Verification should |
| 189 // skip this file as it is not listed in our verified_contents.json file. | 186 // skip this file as it is not listed in our verified_contents.json file. |
| 190 const base::FilePath::CharType kNonExistentResource[] = | 187 const base::FilePath::CharType kNonExistentResource[] = |
| 191 FILE_PATH_LITERAL("non-existent.js"); | 188 FILE_PATH_LITERAL("non-existent.js"); |
| 192 base::FilePath non_existent_resource_path(kNonExistentResource); | 189 base::FilePath non_existent_resource_path(kNonExistentResource); |
| 193 JobTestObserver observer(extension->id(), non_existent_resource_path); | 190 // Non-existent file will serve empty contents. |
| 194 | 191 std::string empty_contents; |
| 195 scoped_refptr<ContentHashReader> content_hash_reader = | 192 EXPECT_EQ(ContentVerifyJob::NONE, |
| 196 CreateContentHashReader(*extension.get(), non_existent_resource_path); | 193 RunContentVerifyJob(*extension.get(), non_existent_resource_path, |
| 197 scoped_refptr<ContentVerifyJob> verify_job = new ContentVerifyJob( | 194 empty_contents)); |
| 198 content_hash_reader.get(), base::Bind(&DoNothingWithReasonParam)); | |
| 199 verify_job->Start(); | |
| 200 { | |
| 201 // Simulate non existent file read. | |
| 202 std::string tmp; | |
| 203 verify_job->BytesRead(0, base::string_as_array(&tmp)); | |
| 204 verify_job->DoneReading(); | |
| 205 } | |
| 206 ContentVerifyJob::FailureReason reason = observer.WaitAndGetFailureReason(); | |
| 207 // Expect no content-verification failure. | |
| 208 EXPECT_EQ(ContentVerifyJob::NONE, reason); | |
| 209 } | 195 } |
| 210 } | 196 } |
| 211 | 197 |
| 212 // Tests that content modification causes content verification failure. | 198 // Tests that content modification causes content verification failure. |
| 213 TEST_F(ContentVerifyJobUnittest, ContentMismatch) { | 199 TEST_F(ContentVerifyJobUnittest, ContentMismatch) { |
| 214 base::FilePath unzipped_path; | 200 base::FilePath unzipped_path; |
| 215 base::FilePath test_dir_base = | 201 base::FilePath test_dir_base = |
| 216 GetTestPath(base::FilePath(FILE_PATH_LITERAL("with_verified_contents"))); | 202 GetTestPath(base::FilePath(FILE_PATH_LITERAL("with_verified_contents"))); |
| 217 scoped_refptr<Extension> extension = UnzipToTempDirAndLoad( | 203 scoped_refptr<Extension> extension = UnzipToTempDirAndLoad( |
| 218 test_dir_base.AppendASCII("source_all.zip"), &unzipped_path); | 204 test_dir_base.AppendASCII("source_all.zip"), &unzipped_path); |
| 219 ASSERT_TRUE(extension.get()); | 205 ASSERT_TRUE(extension.get()); |
| 220 // Make sure there is a verified_contents.json file there as this test cannot | 206 // Make sure there is a verified_contents.json file there as this test cannot |
| 221 // fetch it. | 207 // fetch it. |
| 222 EXPECT_TRUE( | 208 EXPECT_TRUE( |
| 223 base::PathExists(file_util::GetVerifiedContentsPath(extension->path()))); | 209 base::PathExists(file_util::GetVerifiedContentsPath(extension->path()))); |
| 224 | 210 |
| 225 const base::FilePath::CharType kResource[] = | 211 const base::FilePath::CharType kResource[] = |
| 226 FILE_PATH_LITERAL("background.js"); | 212 FILE_PATH_LITERAL("background.js"); |
| 227 base::FilePath existent_resource_path(kResource); | 213 base::FilePath existent_resource_path(kResource); |
| 228 { | 214 { |
| 229 // Make sure modified background.js fails content verification. | 215 // Make sure modified background.js fails content verification. |
| 230 JobTestObserver observer(extension->id(), existent_resource_path); | 216 std::string modified_contents; |
| 231 | 217 base::ReadFileToString(unzipped_path.Append(base::FilePath(kResource)), |
| 232 scoped_refptr<ContentHashReader> content_hash_reader = | 218 &modified_contents); |
| 233 CreateContentHashReader(*extension.get(), existent_resource_path); | 219 modified_contents.append("console.log('modified');"); |
| 234 scoped_refptr<ContentVerifyJob> verify_job = new ContentVerifyJob( | 220 EXPECT_EQ(ContentVerifyJob::HASH_MISMATCH, |
| 235 content_hash_reader.get(), base::Bind(&DoNothingWithReasonParam)); | 221 RunContentVerifyJob(*extension.get(), existent_resource_path, |
| 236 verify_job->Start(); | 222 modified_contents)); |
| 237 { | |
| 238 // Simulate serving *modified* background.js. | |
| 239 std::string modified_contents; | |
| 240 base::ReadFileToString(unzipped_path.Append(base::FilePath(kResource)), | |
| 241 &modified_contents); | |
| 242 modified_contents.append("console.log('modified');"); | |
| 243 verify_job->BytesRead(modified_contents.size(), | |
| 244 base::string_as_array(&modified_contents)); | |
| 245 verify_job->DoneReading(); | |
| 246 } | |
| 247 ContentVerifyJob::FailureReason reason = observer.WaitAndGetFailureReason(); | |
| 248 EXPECT_EQ(ContentVerifyJob::HASH_MISMATCH, reason); | |
| 249 } | 223 } |
| 250 } | 224 } |
| 251 | 225 |
| 226 // Tests that extension resources that are originally 0 byte behave correctly |
| 227 // with content verification. |
| 228 TEST_F(ContentVerifyJobUnittest, LegitimateZeroByteFile) { |
| 229 base::FilePath unzipped_path; |
| 230 base::FilePath test_dir_base = |
| 231 GetTestPath(base::FilePath(FILE_PATH_LITERAL("zero_byte_file"))); |
| 232 // |extension| has a 0 byte background.js file in it. |
| 233 scoped_refptr<Extension> extension = UnzipToTempDirAndLoad( |
| 234 test_dir_base.AppendASCII("source.zip"), &unzipped_path); |
| 235 ASSERT_TRUE(extension.get()); |
| 236 // Make sure there is a verified_contents.json file there as this test cannot |
| 237 // fetch it. |
| 238 EXPECT_TRUE( |
| 239 base::PathExists(file_util::GetVerifiedContentsPath(extension->path()))); |
| 240 |
| 241 const base::FilePath::CharType kResource[] = |
| 242 FILE_PATH_LITERAL("background.js"); |
| 243 base::FilePath resource_path(kResource); |
| 244 { |
| 245 // Make sure 0 byte background.js passes content verification. |
| 246 std::string contents; |
| 247 base::ReadFileToString(unzipped_path.Append(base::FilePath(kResource)), |
| 248 &contents); |
| 249 EXPECT_EQ(ContentVerifyJob::NONE, |
| 250 RunContentVerifyJob(*extension.get(), resource_path, contents)); |
| 251 } |
| 252 |
| 253 { |
| 254 // Make sure non-empty background.js fails content verification. |
| 255 std::string modified_contents = "console.log('non empty');"; |
| 256 EXPECT_EQ(ContentVerifyJob::HASH_MISMATCH, |
| 257 RunContentVerifyJob(*extension.get(), resource_path, |
| 258 modified_contents)); |
| 259 } |
| 260 } |
| 261 |
| 252 } // namespace extensions | 262 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2786803002:
Add a ContentVerifyJob test for sanity checking legitimate 0 byte file. (Closed)
