Chromium Code Reviews Chromium Code Reviews
Issue 323953002:
Support for recording registered LSPs (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@grt| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "chrome/browser/safe_browsing/environment_data_collection_win.h" | |
| 6 | |
| 7 #include <string> | |
| 8 | |
| 9 #include "base/files/file_path.h" | |
| 10 #include "base/scoped_native_library.h" | |
| 11 #include "chrome/common/safe_browsing/csd.pb.h" | |
| 12 #include "testing/gtest/include/gtest/gtest.h" | |
| 13 | |
| 14 namespace { | |
| 15 | |
| 16 // Helper function that returns true if a dll with filename |dll_name| is | |
| 17 // found in |process_report|. | |
| 18 bool ProcessReportContainsDll( | |
| 19 const safe_browsing::ClientIncidentReport_EnvironmentData_Process& | |
| 20 process_report, | |
| 21 const base::FilePath& dll_name) { | |
| 22 for (int i = 0; i < process_report.dll_size(); ++i) { | |
| 23 base::FilePath current_dll = | |
| 24 base::FilePath::FromUTF8Unsafe(process_report.dll(i).path()); | |
| 25 | |
| 26 if (current_dll.BaseName() == dll_name) | |
| 27 return true; | |
| 28 } | |
| 29 | |
| 30 return false; | |
| 31 } | |
| 32 | |
| 33 } // namespace | |
| 34 | |
| 35 TEST(SafeBrowsingEnvironmentDataCollectionWinTest, CollectDlls) { | |
| 36 // This test will check if the CollectDlls method works by loading | |
| 37 // a dll and then checking if we can find it within the process report. | |
| 38 // Pick msvidc32.dll as it is present from WinXP to Win8 and yet rarely used. | |
| 39 // msvidc32.dll exists in both 32 and 64 bit version. | |
|
grt (UTC plus 2)
2014/06/18 15:42:40
nit: version -> versions
pmonette_google.com
2014/06/18 21:33:29
Done.
| |
| 40 base::FilePath msvdc32_dll(L"msvidc32.dll"); | |
| 41 | |
| 42 safe_browsing::ClientIncidentReport_EnvironmentData_Process process_report; | |
| 43 safe_browsing::CollectDlls(&process_report); | |
| 44 | |
| 45 ASSERT_FALSE(ProcessReportContainsDll(process_report, msvdc32_dll)); | |
| 46 | |
| 47 // Redo the same verification after loading a new dll. | |
| 48 base::ScopedNativeLibrary library(msvdc32_dll); | |
| 49 | |
| 50 process_report.clear_dll(); | |
| 51 safe_browsing::CollectDlls(&process_report); | |
| 52 | |
| 53 ASSERT_TRUE(ProcessReportContainsDll(process_report, msvdc32_dll)); | |
| 54 } | |
| 55 | |
| 56 TEST(SafeBrowsingEnvironmentDataCollectionWinTest, RecordLspFeature) { | |
| 57 // Populate our incident report with loaded modules. | |
| 58 safe_browsing::ClientIncidentReport_EnvironmentData_Process process_report; | |
| 59 safe_browsing::CollectDlls(&process_report); | |
| 60 | |
| 61 // We'll test RecordLspFeatures against a real dll registered as a LSP. | |
| 62 std::string lsp_path = "C:\\Windows\\system32\\mswsock.dll"; | |
| 63 int base_address = 0x77770000; | |
| 64 int length = 0x180000; | |
| 65 | |
| 66 // Look for dlls that are registered as a LSP. | |
| 67 safe_browsing::RecordLspFeature(&process_report); | |
| 68 | |
| 69 // Look through dll entries and check that none contains the LSP feature. | |
| 70 bool lsp_feature_found = false; | |
| 71 for (int i = 0; i < process_report.dll_size(); ++i) { | |
| 72 if (process_report.dll(i).path() == lsp_path) { | |
| 73 // Look for ClientIncidentReport_EnvironmentData_Process_DLL_Feature_LSP | |
| 74 // through the features of each dll. | |
| 75 for (int j = 0; j < process_report.dll(i).feature_size(); ++j) { | |
| 76 if (process_report.dll(i).feature(j) == | |
| 77 safe_browsing::ClientIncidentReport_EnvironmentData_Process_Dll:: | |
| 78 LSP) | |
| 79 lsp_feature_found = true; | |
| 80 } | |
| 81 } | |
| 82 } | |
| 83 | |
| 84 ASSERT_FALSE(lsp_feature_found); | |
| 85 | |
| 86 // Manually add an entry to the process report that will get marked as a LSP. | |
| 87 safe_browsing::ClientIncidentReport_EnvironmentData_Process_Dll* dll = | |
| 88 process_report.add_dll(); | |
| 89 dll->set_path(lsp_path); | |
| 90 dll->set_base_address(base_address); | |
| 91 dll->set_length(length); | |
| 92 | |
| 93 // Look for dlls that are registered as a LSP. | |
| 94 safe_browsing::RecordLspFeature(&process_report); | |
| 95 | |
| 96 // Look through dll entries and check if the one we added contains the LSP | |
| 97 // feature. | |
| 98 lsp_feature_found = false; | |
| 99 for (int i = 0; i < process_report.dll_size(); ++i) { | |
| 100 if (process_report.dll(i).path() == lsp_path) { | |
| 101 // Look for ClientIncidentReport_EnvironmentData_Process_DLL_Feature_LSP | |
| 102 // through the features of each dll. | |
| 103 for (int j = 0; j < process_report.dll(i).feature_size(); ++j) { | |
| 104 if (process_report.dll(i).feature(j) == | |
| 105 safe_browsing::ClientIncidentReport_EnvironmentData_Process_Dll:: | |
| 106 LSP) | |
| 107 lsp_feature_found = true; | |
| 108 } | |
| 109 } | |
| 110 } | |
| 111 | |
| 112 ASSERT_TRUE(lsp_feature_found); | |
| 113 } | |
| OLD | NEW |
