| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "chrome/browser/safe_browsing/module_integrity_verifier.h" |
| 6 |
| 7 #include <windows.h> |
| 8 #include <psapi.h> |
| 9 |
| 10 #include "base/files/file_path.h" |
| 11 #include "base/files/memory_mapped_file.h" |
| 12 #include "base/native_library.h" |
| 13 #include "base/path_service.h" |
| 14 #include "base/scoped_native_library.h" |
| 15 #include "base/win/pe_image.h" |
| 16 #include "testing/gtest/include/gtest/gtest.h" |
| 17 |
| 18 namespace safe_browsing { |
| 19 |
| 20 const wchar_t kTestDllName[] = L"verifier_test_dll.dll"; |
| 21 |
| 22 class SafeBrowsingModuleVerifierTest : public testing::Test { |
| 23 protected: |
| 24 SafeBrowsingModuleVerifierTest() {} |
| 25 virtual ~SafeBrowsingModuleVerifierTest() {} |
| 26 |
| 27 base::ScopedNativeLibrary mem_dll_handle_; |
| 28 base::MemoryMappedFile disk_dll_handle_; |
| 29 scoped_ptr<base::win::PEImageAsData> disk_peimage_ptr_; |
| 30 scoped_ptr<base::win::PEImage> mem_peimage_ptr_; |
| 31 |
| 32 void SetUpTestDllAndPEImages() { |
| 33 LoadModule(); |
| 34 HMODULE mem_handle; |
| 35 HMODULE disk_handle; |
| 36 GetMemModuleHandle(&mem_handle); |
| 37 GetDiskModuleHandle(&disk_handle); |
| 38 |
| 39 disk_peimage_ptr_.reset(new base::win::PEImageAsData(disk_handle)); |
| 40 ASSERT_TRUE(disk_peimage_ptr_->VerifyMagic()); |
| 41 mem_peimage_ptr_.reset(new base::win::PEImage(mem_handle)); |
| 42 ASSERT_TRUE(mem_peimage_ptr_->VerifyMagic()); |
| 43 } |
| 44 |
| 45 void LoadModule() { |
| 46 base::FilePath current_dir; |
| 47 ASSERT_TRUE(PathService::Get(base::DIR_EXE, ¤t_dir)); |
| 48 mem_dll_handle_.Reset( |
| 49 LoadNativeLibrary(current_dir.Append(kTestDllName), NULL)); |
| 50 ASSERT_TRUE(mem_dll_handle_.is_valid()); |
| 51 } |
| 52 |
| 53 void GetMemModuleHandle(HMODULE* mem_handle) { |
| 54 *mem_handle = GetModuleHandle(kTestDllName); |
| 55 ASSERT_TRUE(NULL != *mem_handle); |
| 56 } |
| 57 |
| 58 void GetDiskModuleHandle(HMODULE* disk_handle) { |
| 59 // Use the module handle to find the it on disk, then load as a file. |
| 60 HMODULE module_handle = GetModuleHandle(kTestDllName); |
| 61 ASSERT_TRUE(NULL != module_handle); |
| 62 |
| 63 WCHAR module_path[MAX_PATH] = {}; |
| 64 DWORD length = |
| 65 GetModuleFileName(module_handle, module_path, arraysize(module_path)); |
| 66 ASSERT_NE(length, arraysize(module_path)); |
| 67 |
| 68 ASSERT_TRUE(disk_dll_handle_.Initialize(base::FilePath(module_path))); |
| 69 *disk_handle = |
| 70 reinterpret_cast<HMODULE>(const_cast<uint8*>(disk_dll_handle_.data())); |
| 71 } |
| 72 |
| 73 private: |
| 74 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingModuleVerifierTest); |
| 75 }; |
| 76 |
| 77 TEST_F(SafeBrowsingModuleVerifierTest, CountBytesDiffInPtr) { |
| 78 // Construct test pointers and try with CountBytesDiffInPtr. |
| 79 // The first Bytes differ. |
| 80 intptr_t num_a = 0xFF; |
| 81 intptr_t num_b = 0x00; |
| 82 |
| 83 // Any inbetween Bytes are identical. |
| 84 int num_bytes_to_add = sizeof(num_a) - 2; |
| 85 for (int i = 0; i < num_bytes_to_add; ++i) { |
| 86 num_a <<= 8; |
| 87 num_b <<= 8; |
| 88 num_a += 0xFF; |
| 89 num_b += 0xFF; |
| 90 } |
| 91 |
| 92 // The last Bytes differ. |
| 93 num_a <<= 8; |
| 94 num_b <<= 8; |
| 95 num_a += 0x0F; |
| 96 num_b += 0xFF; |
| 97 |
| 98 EXPECT_EQ(2, CountBytesDiffInPtr(num_a, num_b)); |
| 99 EXPECT_EQ(2, CountBytesDiffInPtr(num_b, num_a)); |
| 100 EXPECT_EQ(0, CountBytesDiffInPtr(num_a, num_a)); |
| 101 } |
| 102 |
| 103 TEST_F(SafeBrowsingModuleVerifierTest, VerifyModuleUnmodified) { |
| 104 // Call VerifyModule before the module has been loaded, should fail. |
| 105 EXPECT_EQ(MODULE_STATE_UNKNOWN, VerifyModule(kTestDllName)); |
| 106 |
| 107 // On loading, the module should be identical (up to relocations) in memory as |
| 108 // on disk. |
| 109 SetUpTestDllAndPEImages(); |
| 110 EXPECT_EQ(MODULE_STATE_UNMODIFIED, VerifyModule(kTestDllName)); |
| 111 } |
| 112 |
| 113 TEST_F(SafeBrowsingModuleVerifierTest, VerifyModuleModified) { |
| 114 // Confirm the module is identical in memory as on disk before we begin. |
| 115 SetUpTestDllAndPEImages(); |
| 116 EXPECT_EQ(MODULE_STATE_UNMODIFIED, VerifyModule(kTestDllName)); |
| 117 |
| 118 BYTE* mem_code_addr = NULL; |
| 119 BYTE* disk_code_addr = NULL; |
| 120 SIZE_T code_size = 0; |
| 121 EXPECT_TRUE(GetCodeAddrsAndSize(*mem_peimage_ptr_, |
| 122 *disk_peimage_ptr_, |
| 123 &mem_code_addr, |
| 124 &disk_code_addr, |
| 125 &code_size)); |
| 126 |
| 127 // Edit the first byte of the code section of the module. |
| 128 BYTE new_val = (*mem_code_addr) + 1; |
| 129 SIZE_T bytes_written = 0; |
| 130 WriteProcessMemory(GetCurrentProcess(), |
| 131 mem_code_addr, |
| 132 reinterpret_cast<void*>(&new_val), |
| 133 1, |
| 134 &bytes_written); |
| 135 EXPECT_EQ(1, bytes_written); |
| 136 |
| 137 // VerifyModule should detect the change. |
| 138 EXPECT_EQ(MODULE_STATE_MODIFIED, VerifyModule(kTestDllName)); |
| 139 } |
| 140 |
| 141 } // namespace safe_browsing |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 406043003:
Adding the VerifyModule function (and helpers) to safe browsing. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master