Chromium Code Reviews Chromium Code Reviews
Issue 2934373002:
Record Code Signature of Downloaded DMG files (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/utility/safe_browsing/mac/udif.h" | 5 #include "chrome/utility/safe_browsing/mac/udif.h" |
| 6 | 6 |
| 7 #include <CoreFoundation/CoreFoundation.h> | 7 #include <CoreFoundation/CoreFoundation.h> |
| 8 #include <bzlib.h> | 8 #include <bzlib.h> |
| 9 #include <libkern/OSByteOrder.h> | 9 #include <libkern/OSByteOrder.h> |
| 10 #include <uuid/uuid.h> | 10 #include <uuid/uuid.h> |
| (...skipping 330 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 341 | 341 |
| 342 DISALLOW_COPY_AND_ASSIGN(UDIFBlockChunkReadStream); | 342 DISALLOW_COPY_AND_ASSIGN(UDIFBlockChunkReadStream); |
| 343 }; | 343 }; |
| 344 | 344 |
| 345 } // namespace | 345 } // namespace |
| 346 | 346 |
| 347 UDIFParser::UDIFParser(ReadStream* stream) | 347 UDIFParser::UDIFParser(ReadStream* stream) |
| 348 : stream_(stream), | 348 : stream_(stream), |
| 349 partition_names_(), | 349 partition_names_(), |
| 350 blocks_(), | 350 blocks_(), |
| 351 block_size_(kSectorSize) { | 351 block_size_(kSectorSize) {} |
| 352 } | |
| 353 | 352 |
| 354 UDIFParser::~UDIFParser() {} | 353 UDIFParser::~UDIFParser() {} |
| 355 | 354 |
| 356 bool UDIFParser::Parse() { | 355 bool UDIFParser::Parse() { |
| 357 if (!ParseBlkx()) | 356 if (!ParseBlkx()) |
| 358 return false; | 357 return false; |
| 359 | 358 |
| 360 return true; | 359 return true; |
| 361 } | 360 } |
| 362 | 361 |
| 362 const std::vector<uint8_t>& UDIFParser::GetDmgSignatureData() { | |
| 363 return signature_blob_; | |
| 364 } | |
| 365 | |
| 363 size_t UDIFParser::GetNumberOfPartitions() { | 366 size_t UDIFParser::GetNumberOfPartitions() { |
| 364 return blocks_.size(); | 367 return blocks_.size(); |
| 365 } | 368 } |
| 366 | 369 |
| 367 std::string UDIFParser::GetPartitionName(size_t part_number) { | 370 std::string UDIFParser::GetPartitionName(size_t part_number) { |
| 368 DCHECK_LT(part_number, partition_names_.size()); | 371 DCHECK_LT(part_number, partition_names_.size()); |
| 369 return partition_names_[part_number]; | 372 return partition_names_[part_number]; |
| 370 } | 373 } |
| 371 | 374 |
| 372 std::string UDIFParser::GetPartitionType(size_t part_number) { | 375 std::string UDIFParser::GetPartitionType(size_t part_number) { |
| (...skipping 177 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 550 << ", SectorCount = " << chunk->sector_count | 553 << ", SectorCount = " << chunk->sector_count |
| 551 << ", CompressOffset = " << chunk->compressed_offset | 554 << ", CompressOffset = " << chunk->compressed_offset |
| 552 << ", CompressLen = " << chunk->compressed_length; | 555 << ", CompressLen = " << chunk->compressed_length; |
| 553 } | 556 } |
| 554 } | 557 } |
| 555 | 558 |
| 556 blocks_.push_back(std::move(block)); | 559 blocks_.push_back(std::move(block)); |
| 557 partition_names_.push_back(partition_name); | 560 partition_names_.push_back(partition_name); |
| 558 } | 561 } |
| 559 | 562 |
| 563 // The offsets in the trailer could be garbage in DMGs that aren't signed. | |
| 564 // Need a sanity check that the DMG has legit values for these fields. | |
| 565 if (trailer.code_signature_length != 0 && trailer_start > 0) { | |
| 566 auto code_signature_end = | |
| 567 base::CheckedNumeric<size_t>(trailer.code_signature_offset) + | |
| 568 trailer.code_signature_length; | |
| 569 if (code_signature_end.IsValid() && | |
| 570 code_signature_end.ValueOrDie() <= | |
| 571 base::checked_cast<size_t>(trailer_start)) { | |
| 572 signature_blob_.resize(trailer.code_signature_length); | |
| 573 | |
| 574 off_t code_signature_start = | |
| 575 stream_->Seek(trailer.code_signature_offset, SEEK_SET); | |
| 576 if (code_signature_start == -1) | |
| 577 return false; | |
| 578 | |
| 579 size_t bytes_read = 0; | |
| 580 | |
| 581 if (!stream_->Read(signature_blob_.data(), trailer.code_signature_length, | |
| 582 &bytes_read)) { | |
| 583 DLOG(ERROR) << "Failed to read raw signature bytes"; | |
| 584 return false; | |
| 585 } | |
| 586 | |
| 587 if (bytes_read != trailer.code_signature_length) | |
|
Robert Sesek
2017/06/28 18:21:06
DLOGing here would be helpful too, I think.
mortonm
2017/06/28 23:07:09
Done.
| |
| 588 return false; | |
| 589 } | |
| 590 } | |
| 591 | |
| 560 return true; | 592 return true; |
| 561 } | 593 } |
| 562 | 594 |
| 563 namespace { | 595 namespace { |
| 564 | 596 |
| 565 UDIFPartitionReadStream::UDIFPartitionReadStream( | 597 UDIFPartitionReadStream::UDIFPartitionReadStream( |
| 566 ReadStream* stream, | 598 ReadStream* stream, |
| 567 uint16_t block_size, | 599 uint16_t block_size, |
| 568 const UDIFBlock* partition_block) | 600 const UDIFBlock* partition_block) |
| 569 : stream_(stream), | 601 : stream_(stream), |
| (...skipping 295 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 865 << chunk_->compressed_offset; | 897 << chunk_->compressed_offset; |
| 866 return false; | 898 return false; |
| 867 } | 899 } |
| 868 return true; | 900 return true; |
| 869 } | 901 } |
| 870 | 902 |
| 871 } // namespace | 903 } // namespace |
| 872 | 904 |
| 873 } // namespace dmg | 905 } // namespace dmg |
| 874 } // namespace safe_browsing | 906 } // namespace safe_browsing |
| OLD | NEW |
