Chromium Code Reviews Chromium Code Reviews
Issue 323953002:
Support for recording registered LSPs (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@grt| Index: chrome/browser/safe_browsing/environment_data_collection_win.cc |
| diff --git a/chrome/browser/safe_browsing/environment_data_collection_win.cc b/chrome/browser/safe_browsing/environment_data_collection_win.cc |
| index ef962358909e5a2af2d26ac45e1ee7c7fac7e2dd..997056729147c189eeebe6998376f89c63b0771e 100644 |
| --- a/chrome/browser/safe_browsing/environment_data_collection_win.cc |
| +++ b/chrome/browser/safe_browsing/environment_data_collection_win.cc |
| @@ -1,16 +1,97 @@ |
| -// Copyright 2014 The Chromium Authors. All rights reserved. |
| -// Use of this source code is governed by a BSD-style license that can be |
| -// found in the LICENSE file. |
| - |
| -#include "chrome/browser/safe_browsing/environment_data_collection_win.h" |
| - |
| -#include "chrome/common/safe_browsing/csd.pb.h" |
| - |
| -namespace safe_browsing { |
| - |
| -void CollectPlatformProcessData( |
| - ClientIncidentReport_EnvironmentData_Process* process) { |
| - // TODO(pmonette): collect dlls and lsps. |
| -} |
| - |
| -} // namespace safe_browsing |
| +// Copyright 2014 The Chromium Authors. All rights reserved. |
| +// Use of this source code is governed by a BSD-style license that can be |
| +// found in the LICENSE file. |
| + |
| +#include "chrome/browser/safe_browsing/environment_data_collection_win.h" |
| + |
| +#include <windows.h> |
| +#include <set> |
| + |
| +#include "base/strings/string16.h" |
| +#include "base/strings/string_util.h" |
| +#include "base/strings/utf_string_conversions.h" |
| +#include "chrome/browser/install_verification/win/module_info.h" |
| +#include "chrome/browser/install_verification/win/module_verification_common.h" |
| +#include "chrome/browser/net/service_providers_win.h" |
| +#include "chrome/browser/safe_browsing/path_sanitizer.h" |
| +#include "chrome/common/safe_browsing/csd.pb.h" |
| + |
| +namespace safe_browsing { |
| + |
| +namespace { |
| + |
| +// Helper function for expanding all environment variables in |path|. |
| +base::string16 ExpandEnvironmentVariables(const base::string16& path) { |
| + static const DWORD kMaxBuffer = 32 * 1024; // Max according to MSDN. |
| + base::string16 path_expanded; |
| + DWORD path_len = MAX_PATH; |
| + do { |
| + DWORD result = ExpandEnvironmentStrings( |
| + path.c_str(), WriteInto(&path_expanded, path_len), path_len); |
| + if (!result) { |
| + // Failed to expand variables. Return the original string. |
| + DPLOG(ERROR) << path; |
| + break; |
| + } |
| + if (result <= path_len) |
| + return path_expanded.substr(0, result - 1); |
| + path_len = result; |
| + } while (path_len < kMaxBuffer); |
| + |
| + return path; |
| +} |
| + |
| +} // namespace |
| + |
| +bool CollectDlls(ClientIncidentReport_EnvironmentData_Process* process) { |
| + // Retrieve the module list. |
| + std::set<ModuleInfo> loaded_modules; |
| + if (!GetLoadedModules(&loaded_modules)) |
| + return false; |
| + |
| + // Sanitize path of each module and add it to the incident report. |
| + PathSanitizer path_sanitizer; |
| + for (std::set<ModuleInfo>::const_iterator it = loaded_modules.begin(); |
| + it != loaded_modules.end(); |
| + ++it) { |
| + base::string16 dll_path(it->name); |
| + path_sanitizer.StripHomeDirectoryFromString(&dll_path); |
| + |
| + ClientIncidentReport_EnvironmentData_Process_Dll* dll = process->add_dlls(); |
| + dll->set_path(base::WideToUTF8(dll_path)); |
| + dll->set_base_address(it->base_address); |
| + dll->set_length(it->size); |
| + } |
| + |
| + return true; |
| +} |
| + |
| +void RecordLspFeatures(ClientIncidentReport_EnvironmentData_Process* process) { |
| + WinsockLayeredServiceProviderList lsp_list; |
| + GetWinsockLayeredServiceProviders(&lsp_list); |
| + |
| + // For each LSP, we extract and sanitize the path. |
| + PathSanitizer path_sanitizer; |
| + std::set<base::string16> lsp_paths; |
| + for (size_t i = 0; i < lsp_list.size(); ++i) { |
| + base::string16 lsp_path = ExpandEnvironmentVariables(lsp_list[i].path); |
| + path_sanitizer.StripHomeDirectoryFromString(&lsp_path); |
| + lsp_paths.insert(lsp_path); |
| + } |
| + |
| + // Look for a match between LSPs and loaded dlls. |
| + for (int i = 0; i < process->dlls_size(); ++i) { |
| + if (lsp_paths.count(base::UTF8ToWide(process->dlls(i).path()))) { |
| + process->mutable_dlls(i)->add_features( |
| + ClientIncidentReport_EnvironmentData_Process_Dll_Feature_LSP); |
|
grt (UTC plus 2)
2014/06/10 20:57:53
i think it looks a tad nicer to use the in-class c
pmonette_google.com
2014/06/10 21:39:04
Done.
Cool! Wasn't aware that I could use the enu
|
| + } |
| + } |
| +} |
| + |
| +void CollectPlatformProcessData( |
| + ClientIncidentReport_EnvironmentData_Process* process) { |
| + CollectDlls(process); |
| + RecordLspFeatures(process); |
| +} |
| + |
| +} // namespace safe_browsing |
