Support for recording registered LSPs

chrome/browser/safe_browsing/environment_data_collection_win.cc

Index: chrome/browser/safe_browsing/environment_data_collection_win.cc
diff --git a/chrome/browser/safe_browsing/environment_data_collection_win.cc b/chrome/browser/safe_browsing/environment_data_collection_win.cc
index ef962358909e5a2af2d26ac45e1ee7c7fac7e2dd..59388f548280f13688a300e0c30e1c87db0704aa 100644
--- a/chrome/browser/safe_browsing/environment_data_collection_win.cc
+++ b/chrome/browser/safe_browsing/environment_data_collection_win.cc
@@ -1,16 +1,102 @@
-// Copyright 2014 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "chrome/browser/safe_browsing/environment_data_collection_win.h"
-
-#include "chrome/common/safe_browsing/csd.pb.h"
-
-namespace safe_browsing {
-
-void CollectPlatformProcessData(
-    ClientIncidentReport_EnvironmentData_Process* process) {
-  // TODO(pmonette): collect dlls and lsps.
-}
-
-}  // namespace safe_browsing
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/safe_browsing/environment_data_collection_win.h"
+
+#include <windows.h>
+#include <set>
+
+#include "base/strings/string_util.h"
+#include "base/strings/utf_string_conversions.h"
+#include "chrome/browser/install_verification/win/module_info.h"
+#include "chrome/browser/install_verification/win/module_verification_common.h"
+#include "chrome/browser/net/service_providers_win.h"
+#include "chrome/browser/safe_browsing/path_sanitizer.h"
+#include "chrome/common/safe_browsing/csd.pb.h"
+
+namespace safe_browsing {
+
+namespace {
+
+// Helper function for expanding all environment variables in |path|.
+std::wstring ExpandEnvironmentVariables(const std::wstring& path) {
+  static const DWORD kMaxBuffer = 32 * 1024;  // Max according to MSDN.
+  std::wstring path_expanded;
+  DWORD path_len = MAX_PATH;
+  do {
+    DWORD result = ExpandEnvironmentStrings(
+        path.c_str(), WriteInto(&path_expanded, path_len), path_len);
+    if (!result) {
+      // Failed to expand variables. Return the original string.
+      DPLOG(ERROR) << path;
+      break;
+    }
+    if (result <= path_len)
+      return path_expanded.substr(0, result - 1);
+    path_len = result;
+  } while (path_len < kMaxBuffer);
+
+  return path;
+}
+
+}  // namespace
+
+bool CollectDlls(ClientIncidentReport_EnvironmentData_Process* process) {
+  // Retrieve the module list.
+  std::set<ModuleInfo> loaded_modules;
+  if (!GetLoadedModules(&loaded_modules))
+    return false;
+
+  // Sanitize path of each module and add it to the incident report.
+  PathSanitizer path_sanitizer;
+  for (std::set<ModuleInfo>::const_iterator it = loaded_modules.begin();
+       it != loaded_modules.end();
+       ++it) {
+    base::FilePath dll_path(it->name);
+    path_sanitizer.StripHomeDirectory(&dll_path);
+
+    ClientIncidentReport_EnvironmentData_Process_Dll* dll = process->add_dll();
+    dll->set_path(base::WideToUTF8(dll_path.value()));
+    dll->set_base_address(it->base_address);
+    dll->set_length(it->size);
+  }
+
+  return true;
+}
+
+void RecordLspFeature(ClientIncidentReport_EnvironmentData_Process* process) {
+  WinsockLayeredServiceProviderList lsp_list;
+  GetWinsockLayeredServiceProviders(&lsp_list);
+
+  // For each LSP, we extract and sanitize the path.
+  PathSanitizer path_sanitizer;
+  std::set<std::wstring> lsp_paths;
+  for (size_t i = 0; i < lsp_list.size(); ++i) {
+    base::FilePath lsp_path(ExpandEnvironmentVariables(lsp_list[i].path));
+    path_sanitizer.StripHomeDirectory(&lsp_path);
+    lsp_paths.insert(lsp_path.value());
+  }
+
+  // Look for a match between LSPs and loaded dlls.
+  for (int i = 0; i < process->dll_size(); ++i) {
+    std::wstring dll_path = base::UTF8ToWide(process->dll(i).path());
+    for (std::set<std::wstring>::const_iterator iter = lsp_paths.begin();

[mattm, 2014/06/23 22:23:16]

How many entries are in these lists? Is it worth worrying about making this a
O(n*m) loop?  Could avoid by lowercasing the entries as you put them into the
set.

[grt (UTC plus 2), 2014/06/24 13:48:15]

I like Matt's suggestion: drop the case on lsp_path in the upper loop when
inserting in the set and on dll_path on line 84 and switch back to a straight
lookup in the set. base/i18n/case_conversion.h has helpers for operating on
string16s (std::wstring and base::string16 are the same datatype on Windows).

[pmonette_google.com, 2014/06/25 14:29:12]

Done. But I figured that doing the case convertion for dll paths in CollectDlls
is a better idea and will remove the burden of dealing with case-sensitive paths
server-side.

+         iter != lsp_paths.end();
+         iter++) {
+      if (_wcsicmp(dll_path.c_str(), iter->c_str()) == 0) {
+        process->mutable_dll(i)->add_feature(
+            ClientIncidentReport_EnvironmentData_Process_Dll::LSP);
+        break;
+      }
+    }
+  }
+}
+
+void CollectPlatformProcessData(
+    ClientIncidentReport_EnvironmentData_Process* process) {
+  CollectDlls(process);
+  RecordLspFeature(process);
+}
+
+}  // namespace safe_browsing