| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/safe_browsing/sandboxed_zip_analyzer.h" | 5 #include "chrome/browser/safe_browsing/sandboxed_zip_analyzer.h" |
| 6 | 6 |
| 7 #include <stdint.h> | 7 #include <stdint.h> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/bind_helpers.h" | 10 #include "base/bind_helpers.h" |
| (...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 59 ArchiveAnalyzerResults* results_; | 59 ArchiveAnalyzerResults* results_; |
| 60 DISALLOW_COPY_AND_ASSIGN(ResultsGetter); | 60 DISALLOW_COPY_AND_ASSIGN(ResultsGetter); |
| 61 }; | 61 }; |
| 62 | 62 |
| 63 SandboxedZipAnalyzerTest() | 63 SandboxedZipAnalyzerTest() |
| 64 : browser_thread_bundle_(content::TestBrowserThreadBundle::IO_MAINLOOP) {} | 64 : browser_thread_bundle_(content::TestBrowserThreadBundle::IO_MAINLOOP) {} |
| 65 | 65 |
| 66 void SetUp() override { | 66 void SetUp() override { |
| 67 ASSERT_TRUE(PathService::Get(chrome::DIR_TEST_DATA, &dir_test_data_)); | 67 ASSERT_TRUE(PathService::Get(chrome::DIR_TEST_DATA, &dir_test_data_)); |
| 68 dir_test_data_ = dir_test_data_.AppendASCII("safe_browsing"); | 68 dir_test_data_ = dir_test_data_.AppendASCII("safe_browsing"); |
| 69 dir_test_data_ = dir_test_data_.AppendASCII("download_protection"); | 69 // dir_test_data_ = dir_test_data_.AppendASCII("download_protection"); |
| 70 } | 70 } |
| 71 | 71 |
| 72 // Runs a sandboxed zip analyzer on |file_path|, writing its results into | 72 // Runs a sandboxed zip analyzer on |file_path|, writing its results into |
| 73 // |results|. | 73 // |results|. |
| 74 void RunAnalyzer(const base::FilePath& file_path, | 74 void RunAnalyzer(const base::FilePath& file_path, |
| 75 ArchiveAnalyzerResults* results) { | 75 ArchiveAnalyzerResults* results) { |
| 76 DCHECK(results); | 76 DCHECK(results); |
| 77 base::RunLoop run_loop; | 77 base::RunLoop run_loop; |
| 78 ResultsGetter results_getter(run_loop.QuitClosure(), results); | 78 ResultsGetter results_getter(run_loop.QuitClosure(), results); |
| 79 scoped_refptr<SandboxedZipAnalyzer> analyzer( | 79 scoped_refptr<SandboxedZipAnalyzer> analyzer( |
| (...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 117 EXPECT_EQ(data.length, binary.length()); | 117 EXPECT_EQ(data.length, binary.length()); |
| 118 #if defined(OS_WIN) | 118 #if defined(OS_WIN) |
| 119 // ExtractImageFeatures only implemented for Windows, and only works on PE | 119 // ExtractImageFeatures only implemented for Windows, and only works on PE |
| 120 // files. | 120 // files. |
| 121 if (binary.file_basename().find(".exe") != std::string::npos) { | 121 if (binary.file_basename().find(".exe") != std::string::npos) { |
| 122 ExpectPEHeaders(data, binary); | 122 ExpectPEHeaders(data, binary); |
| 123 return; | 123 return; |
| 124 } | 124 } |
| 125 #endif // OS_WIN | 125 #endif // OS_WIN |
| 126 ASSERT_FALSE(binary.has_signature()); | 126 ASSERT_FALSE(binary.has_signature()); |
| 127 #if defined(OS_MACOSX) |
| 128 ASSERT_TRUE(binary.has_image_headers()); |
| 129 #else |
| 127 ASSERT_FALSE(binary.has_image_headers()); | 130 ASSERT_FALSE(binary.has_image_headers()); |
| 131 #endif |
| 128 } | 132 } |
| 129 | 133 |
| 130 static const uint8_t kUnsignedDigest[]; | 134 static const uint8_t kUnsignedDigest[]; |
| 131 static const uint8_t kSignedDigest[]; | 135 static const uint8_t kSignedDigest[]; |
| 132 static const uint8_t kJSEFileDigest[]; | 136 static const uint8_t kJSEFileDigest[]; |
| 133 static const BinaryData kUnsignedExe; | 137 static const BinaryData kUnsignedExe; |
| 134 static const BinaryData kSignedExe; | 138 static const BinaryData kSignedExe; |
| 135 static const BinaryData kJSEFile; | 139 static const BinaryData kJSEFile; |
| 136 | 140 |
| 141 #if defined(OS_MACOSX) |
| 142 static const uint8_t kMachODigest[]; |
| 143 static const BinaryData kMachO; |
| 144 #endif // OS_MACOSX |
| 145 |
| 137 base::FilePath dir_test_data_; | 146 base::FilePath dir_test_data_; |
| 138 content::TestBrowserThreadBundle browser_thread_bundle_; | 147 content::TestBrowserThreadBundle browser_thread_bundle_; |
| 139 content::InProcessUtilityThreadHelper utility_thread_helper_; | 148 content::InProcessUtilityThreadHelper utility_thread_helper_; |
| 140 }; | 149 }; |
| 141 | 150 |
| 142 // static | 151 // static |
| 143 const uint8_t SandboxedZipAnalyzerTest::kUnsignedDigest[] = { | 152 const uint8_t SandboxedZipAnalyzerTest::kUnsignedDigest[] = { |
| 144 0x1e, 0x95, 0x4d, 0x9c, 0xe0, 0x38, 0x9e, 0x2b, 0xa7, 0x44, 0x72, | 153 0x1e, 0x95, 0x4d, 0x9c, 0xe0, 0x38, 0x9e, 0x2b, 0xa7, 0x44, 0x72, |
| 145 0x16, 0xf2, 0x17, 0x61, 0xf9, 0x8d, 0x1e, 0x65, 0x40, 0xc2, 0xab, | 154 0x16, 0xf2, 0x17, 0x61, 0xf9, 0x8d, 0x1e, 0x65, 0x40, 0xc2, 0xab, |
| 146 0xec, 0xdb, 0xec, 0xff, 0x57, 0x0e, 0x36, 0xc4, 0x93, 0xdb}; | 155 0xec, 0xdb, 0xec, 0xff, 0x57, 0x0e, 0x36, 0xc4, 0x93, 0xdb}; |
| (...skipping 23 matching lines...) Expand all Loading... |
| 170 }; | 179 }; |
| 171 const SandboxedZipAnalyzerTest::BinaryData SandboxedZipAnalyzerTest::kJSEFile = | 180 const SandboxedZipAnalyzerTest::BinaryData SandboxedZipAnalyzerTest::kJSEFile = |
| 172 { | 181 { |
| 173 "hello.jse", | 182 "hello.jse", |
| 174 ClientDownloadRequest_DownloadType_WIN_EXECUTABLE, | 183 ClientDownloadRequest_DownloadType_WIN_EXECUTABLE, |
| 175 &kJSEFileDigest[0], | 184 &kJSEFileDigest[0], |
| 176 6, | 185 6, |
| 177 false, // is_signed | 186 false, // is_signed |
| 178 }; | 187 }; |
| 179 | 188 |
| 189 #if defined(OS_MACOSX) |
| 190 const uint8_t SandboxedZipAnalyzerTest::kMachODigest[] = { |
| 191 0xe4, 0x62, 0xff, 0x75, 0x2f, 0xf9, 0xd8, 0x4e, 0x34, 0xd8, 0x43, |
| 192 0xe5, 0xd4, 0x6e, 0x20, 0x12, 0xad, 0xcb, 0xd4, 0x85, 0x40, 0xa8, |
| 193 0x47, 0x3f, 0xb7, 0x94, 0xb2, 0x86, 0xa3, 0x89, 0xb9, 0x45}; |
| 194 const SandboxedZipAnalyzerTest::BinaryData SandboxedZipAnalyzerTest::kMachO = { |
| 195 "executablefat", |
| 196 ClientDownloadRequest_DownloadType_MAC_EXECUTABLE, |
| 197 &kMachODigest[0], |
| 198 16640, |
| 199 false, // !is_signed |
| 200 }; |
| 201 #endif // OS_MACOSX |
| 202 |
| 180 TEST_F(SandboxedZipAnalyzerTest, NoBinaries) { | 203 TEST_F(SandboxedZipAnalyzerTest, NoBinaries) { |
| 181 ArchiveAnalyzerResults results; | 204 ArchiveAnalyzerResults results; |
| 182 RunAnalyzer(dir_test_data_.AppendASCII("zipfile_no_binaries.zip"), &results); | 205 RunAnalyzer( |
| 206 dir_test_data_.AppendASCII("download_protection/zipfile_no_binaries.zip"), |
| 207 &results); |
| 183 ASSERT_TRUE(results.success); | 208 ASSERT_TRUE(results.success); |
| 184 EXPECT_FALSE(results.has_executable); | 209 EXPECT_FALSE(results.has_executable); |
| 185 EXPECT_FALSE(results.has_archive); | 210 EXPECT_FALSE(results.has_archive); |
| 186 EXPECT_EQ(0, results.archived_binary.size()); | 211 EXPECT_EQ(0, results.archived_binary.size()); |
| 187 } | 212 } |
| 188 | 213 |
| 189 TEST_F(SandboxedZipAnalyzerTest, OneUnsignedBinary) { | 214 TEST_F(SandboxedZipAnalyzerTest, OneUnsignedBinary) { |
| 190 ArchiveAnalyzerResults results; | 215 ArchiveAnalyzerResults results; |
| 191 RunAnalyzer(dir_test_data_.AppendASCII("zipfile_one_unsigned_binary.zip"), | 216 RunAnalyzer(dir_test_data_.AppendASCII( |
| 217 "download_protection/zipfile_one_unsigned_binary.zip"), |
| 192 &results); | 218 &results); |
| 193 ASSERT_TRUE(results.success); | 219 ASSERT_TRUE(results.success); |
| 194 EXPECT_TRUE(results.has_executable); | 220 EXPECT_TRUE(results.has_executable); |
| 195 EXPECT_FALSE(results.has_archive); | 221 EXPECT_FALSE(results.has_archive); |
| 196 ASSERT_EQ(1, results.archived_binary.size()); | 222 ASSERT_EQ(1, results.archived_binary.size()); |
| 197 ExpectBinary(kUnsignedExe, results.archived_binary.Get(0)); | 223 ExpectBinary(kUnsignedExe, results.archived_binary.Get(0)); |
| 198 } | 224 } |
| 199 | 225 |
| 200 TEST_F(SandboxedZipAnalyzerTest, TwoBinariesOneSigned) { | 226 TEST_F(SandboxedZipAnalyzerTest, TwoBinariesOneSigned) { |
| 201 ArchiveAnalyzerResults results; | 227 ArchiveAnalyzerResults results; |
| 202 RunAnalyzer(dir_test_data_.AppendASCII("zipfile_two_binaries_one_signed.zip"), | 228 RunAnalyzer(dir_test_data_.AppendASCII( |
| 229 "download_protection/zipfile_two_binaries_one_signed.zip"), |
| 203 &results); | 230 &results); |
| 204 ASSERT_TRUE(results.success); | 231 ASSERT_TRUE(results.success); |
| 205 EXPECT_TRUE(results.has_executable); | 232 EXPECT_TRUE(results.has_executable); |
| 206 EXPECT_FALSE(results.has_archive); | 233 EXPECT_FALSE(results.has_archive); |
| 207 ASSERT_EQ(2, results.archived_binary.size()); | 234 ASSERT_EQ(2, results.archived_binary.size()); |
| 208 ExpectBinary(kUnsignedExe, results.archived_binary.Get(0)); | 235 ExpectBinary(kUnsignedExe, results.archived_binary.Get(0)); |
| 209 ExpectBinary(kSignedExe, results.archived_binary.Get(1)); | 236 ExpectBinary(kSignedExe, results.archived_binary.Get(1)); |
| 210 } | 237 } |
| 211 | 238 |
| 212 TEST_F(SandboxedZipAnalyzerTest, ZippedArchiveNoBinaries) { | 239 TEST_F(SandboxedZipAnalyzerTest, ZippedArchiveNoBinaries) { |
| 213 ArchiveAnalyzerResults results; | 240 ArchiveAnalyzerResults results; |
| 214 RunAnalyzer(dir_test_data_.AppendASCII("zipfile_archive_no_binaries.zip"), | 241 RunAnalyzer(dir_test_data_.AppendASCII( |
| 242 "download_protection/zipfile_archive_no_binaries.zip"), |
| 215 &results); | 243 &results); |
| 216 ASSERT_TRUE(results.success); | 244 ASSERT_TRUE(results.success); |
| 217 EXPECT_FALSE(results.has_executable); | 245 EXPECT_FALSE(results.has_executable); |
| 218 EXPECT_TRUE(results.has_archive); | 246 EXPECT_TRUE(results.has_archive); |
| 219 EXPECT_EQ(1, results.archived_binary.size()); | 247 EXPECT_EQ(1, results.archived_binary.size()); |
| 220 ASSERT_EQ(1u, results.archived_archive_filenames.size()); | 248 ASSERT_EQ(1u, results.archived_archive_filenames.size()); |
| 221 EXPECT_EQ(FILE_PATH_LITERAL("hello.zip"), | 249 EXPECT_EQ(FILE_PATH_LITERAL("hello.zip"), |
| 222 results.archived_archive_filenames[0].value()); | 250 results.archived_archive_filenames[0].value()); |
| 223 } | 251 } |
| 224 | 252 |
| 225 TEST_F(SandboxedZipAnalyzerTest, ZippedRarArchiveNoBinaries) { | 253 TEST_F(SandboxedZipAnalyzerTest, ZippedRarArchiveNoBinaries) { |
| 226 ArchiveAnalyzerResults results; | 254 ArchiveAnalyzerResults results; |
| 227 RunAnalyzer(dir_test_data_.AppendASCII("zipfile_rar_archive_no_binaries.zip"), | 255 RunAnalyzer(dir_test_data_.AppendASCII( |
| 256 "download_protection/zipfile_rar_archive_no_binaries.zip"), |
| 228 &results); | 257 &results); |
| 229 ASSERT_TRUE(results.success); | 258 ASSERT_TRUE(results.success); |
| 230 EXPECT_FALSE(results.has_executable); | 259 EXPECT_FALSE(results.has_executable); |
| 231 EXPECT_TRUE(results.has_archive); | 260 EXPECT_TRUE(results.has_archive); |
| 232 EXPECT_EQ(1, results.archived_binary.size()); | 261 EXPECT_EQ(1, results.archived_binary.size()); |
| 233 ASSERT_EQ(1u, results.archived_archive_filenames.size()); | 262 ASSERT_EQ(1u, results.archived_archive_filenames.size()); |
| 234 EXPECT_EQ(FILE_PATH_LITERAL("hello.rar"), | 263 EXPECT_EQ(FILE_PATH_LITERAL("hello.rar"), |
| 235 results.archived_archive_filenames[0].value()); | 264 results.archived_archive_filenames[0].value()); |
| 236 } | 265 } |
| 237 | 266 |
| 238 TEST_F(SandboxedZipAnalyzerTest, ZippedArchiveAndBinaries) { | 267 TEST_F(SandboxedZipAnalyzerTest, ZippedArchiveAndBinaries) { |
| 239 ArchiveAnalyzerResults results; | 268 ArchiveAnalyzerResults results; |
| 240 RunAnalyzer(dir_test_data_.AppendASCII("zipfile_archive_and_binaries.zip"), | 269 RunAnalyzer(dir_test_data_.AppendASCII( |
| 270 "download_protection/zipfile_archive_and_binaries.zip"), |
| 241 &results); | 271 &results); |
| 242 ASSERT_TRUE(results.success); | 272 ASSERT_TRUE(results.success); |
| 243 EXPECT_TRUE(results.has_executable); | 273 EXPECT_TRUE(results.has_executable); |
| 244 EXPECT_TRUE(results.has_archive); | 274 EXPECT_TRUE(results.has_archive); |
| 245 ASSERT_EQ(2, results.archived_binary.size()); | 275 ASSERT_EQ(2, results.archived_binary.size()); |
| 246 ExpectBinary(kSignedExe, results.archived_binary.Get(0)); | 276 ExpectBinary(kSignedExe, results.archived_binary.Get(0)); |
| 247 ASSERT_EQ(1u, results.archived_archive_filenames.size()); | 277 ASSERT_EQ(1u, results.archived_archive_filenames.size()); |
| 248 EXPECT_EQ(FILE_PATH_LITERAL("hello.7z"), | 278 EXPECT_EQ(FILE_PATH_LITERAL("hello.7z"), |
| 249 results.archived_archive_filenames[0].value()); | 279 results.archived_archive_filenames[0].value()); |
| 250 } | 280 } |
| 251 | 281 |
| 252 TEST_F(SandboxedZipAnalyzerTest, | 282 TEST_F(SandboxedZipAnalyzerTest, |
| 253 ZippedArchiveAndBinariesWithTrailingSpaceAndPeriodChars) { | 283 ZippedArchiveAndBinariesWithTrailingSpaceAndPeriodChars) { |
| 254 ArchiveAnalyzerResults results; | 284 ArchiveAnalyzerResults results; |
| 255 RunAnalyzer(dir_test_data_.AppendASCII("zipfile_two_binaries_one_archive_" | 285 RunAnalyzer(dir_test_data_.AppendASCII( |
| 256 "trailing_space_and_period_chars.zip"), | 286 "download_protection/zipfile_two_binaries_one_archive_" |
| 287 "trailing_space_and_period_chars.zip"), |
| 257 &results); | 288 &results); |
| 258 ASSERT_TRUE(results.success); | 289 ASSERT_TRUE(results.success); |
| 259 EXPECT_TRUE(results.has_executable); | 290 EXPECT_TRUE(results.has_executable); |
| 260 EXPECT_TRUE(results.has_archive); | 291 EXPECT_TRUE(results.has_archive); |
| 261 ASSERT_EQ(3, results.archived_binary.size()); | 292 ASSERT_EQ(3, results.archived_binary.size()); |
| 262 | 293 |
| 263 BinaryData SignedExe = kSignedExe; | 294 BinaryData SignedExe = kSignedExe; |
| 264 SignedExe.file_basename = "signed.exe "; | 295 SignedExe.file_basename = "signed.exe "; |
| 265 BinaryData UnsignedExe = kUnsignedExe; | 296 BinaryData UnsignedExe = kUnsignedExe; |
| 266 UnsignedExe.file_basename = "unsigned.exe."; | 297 UnsignedExe.file_basename = "unsigned.exe."; |
| 267 ExpectBinary(SignedExe, results.archived_binary.Get(0)); | 298 ExpectBinary(SignedExe, results.archived_binary.Get(0)); |
| 268 ExpectBinary(UnsignedExe, results.archived_binary.Get(1)); | 299 ExpectBinary(UnsignedExe, results.archived_binary.Get(1)); |
| 269 ASSERT_EQ(1u, results.archived_archive_filenames.size()); | 300 ASSERT_EQ(1u, results.archived_archive_filenames.size()); |
| 270 EXPECT_EQ(FILE_PATH_LITERAL("zipfile_no_binaries.zip . . "), | 301 EXPECT_EQ(FILE_PATH_LITERAL("zipfile_no_binaries.zip . . "), |
| 271 results.archived_archive_filenames[0].value()); | 302 results.archived_archive_filenames[0].value()); |
| 272 } | 303 } |
| 273 | 304 |
| 274 TEST_F(SandboxedZipAnalyzerTest, ZippedJSEFile) { | 305 TEST_F(SandboxedZipAnalyzerTest, ZippedJSEFile) { |
| 275 ArchiveAnalyzerResults results; | 306 ArchiveAnalyzerResults results; |
| 276 RunAnalyzer(dir_test_data_.AppendASCII("zipfile_one_jse_file.zip"), &results); | 307 RunAnalyzer(dir_test_data_.AppendASCII( |
| 308 "download_protection/zipfile_one_jse_file.zip"), |
| 309 &results); |
| 277 ASSERT_TRUE(results.success); | 310 ASSERT_TRUE(results.success); |
| 278 EXPECT_TRUE(results.has_executable); | 311 EXPECT_TRUE(results.has_executable); |
| 279 EXPECT_FALSE(results.has_archive); | 312 EXPECT_FALSE(results.has_archive); |
| 280 ASSERT_EQ(1, results.archived_binary.size()); | 313 ASSERT_EQ(1, results.archived_binary.size()); |
| 281 ExpectBinary(kJSEFile, results.archived_binary.Get(0)); | 314 ExpectBinary(kJSEFile, results.archived_binary.Get(0)); |
| 282 EXPECT_TRUE(results.archived_archive_filenames.empty()); | 315 EXPECT_TRUE(results.archived_archive_filenames.empty()); |
| 283 } | 316 } |
| 284 | 317 |
| 318 #if defined(OS_MACOSX) |
| 319 TEST_F(SandboxedZipAnalyzerTest, ZippedAppWithExecutable) { |
| 320 ArchiveAnalyzerResults results; |
| 321 RunAnalyzer( |
| 322 dir_test_data_.AppendASCII("mach_o/zipped-app-with-executable.zip"), |
| 323 &results); |
| 324 ASSERT_TRUE(results.success); |
| 325 EXPECT_TRUE(results.has_executable); |
| 326 EXPECT_FALSE(results.has_archive); |
| 327 ASSERT_EQ(1, results.archived_binary.size()); |
| 328 ExpectBinary(kMachO, results.archived_binary.Get(0)); |
| 329 } |
| 330 #endif // OS_MACOSX |
| 331 |
| 285 } // namespace safe_browsing | 332 } // namespace safe_browsing |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2961373002:
Improve Zip File Scanning on Mac (Closed)
