Adding the VerifyModule function (and helpers) to safe browsing.

chrome/browser/safe_browsing/module_integrity_verifier_unittest.cc

Index: chrome/browser/safe_browsing/module_integrity_verifier_unittest.cc
diff --git a/chrome/browser/safe_browsing/module_integrity_verifier_unittest.cc b/chrome/browser/safe_browsing/module_integrity_verifier_unittest.cc
new file mode 100644
index 0000000000000000000000000000000000000000..479cdba16ebd5b4b0297284c11059d13edd8bf14
--- /dev/null
+++ b/chrome/browser/safe_browsing/module_integrity_verifier_unittest.cc
@@ -0,0 +1,138 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/safe_browsing/module_integrity_verifier.h"
+
+#include "base/files/file_path.h"
+#include "base/files/memory_mapped_file.h"
+#include "base/native_library.h"
+#include "base/path_service.h"
+#include "base/scoped_native_library.h"
+#include "base/win/pe_image.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+namespace safe_browsing {
+
+const wchar_t kTestDllName[] = L"verifier_test_dll.dll";

[grt (UTC plus 2), 2014/07/31 17:03:34]

put in unnamed namespace

[krstnmnlsn, 2014/08/04 15:18:16]

Right.

+
+class SafeBrowsingModuleVerifierTest : public testing::Test {
+ protected:
+  SafeBrowsingModuleVerifierTest() {}

[grt (UTC plus 2), 2014/07/31 17:03:34]

may as well remove these

[krstnmnlsn, 2014/08/04 15:18:15]

Done.

+  virtual ~SafeBrowsingModuleVerifierTest() {}
+
+  base::ScopedNativeLibrary mem_dll_handle_;
+  base::MemoryMappedFile disk_dll_handle_;
+  scoped_ptr<base::win::PEImageAsData> disk_peimage_ptr_;
+  scoped_ptr<base::win::PEImage> mem_peimage_ptr_;
+
+  void SetUpTestDllAndPEImages() {
+    LoadModule();
+    HMODULE mem_handle;
+    HMODULE disk_handle;
+    GetMemModuleHandle(&mem_handle);
+    GetDiskModuleHandle(&disk_handle);
+
+    disk_peimage_ptr_.reset(new base::win::PEImageAsData(disk_handle));
+    ASSERT_TRUE(disk_peimage_ptr_->VerifyMagic());
+    mem_peimage_ptr_.reset(new base::win::PEImage(mem_handle));
+    ASSERT_TRUE(mem_peimage_ptr_->VerifyMagic());
+  }
+
+  void LoadModule() {
+    base::FilePath current_dir;
+    ASSERT_TRUE(PathService::Get(base::DIR_EXE, &current_dir));

[grt (UTC plus 2), 2014/07/31 17:03:34]

is this needed? doesn't the loader check the exe's directory first by default?

[krstnmnlsn, 2014/08/04 15:18:15]

Yep, seems like I don't need it.

+    mem_dll_handle_.Reset(
+        LoadNativeLibrary(current_dir.Append(kTestDllName), NULL));
+    ASSERT_TRUE(mem_dll_handle_.is_valid());
+  }
+
+  void GetMemModuleHandle(HMODULE* mem_handle) {
+    *mem_handle = GetModuleHandle(kTestDllName);
+    ASSERT_TRUE(NULL != *mem_handle);

[grt (UTC plus 2), 2014/07/31 17:03:34]

as clumsy as it is:
    ASSERT_NE(static_cast<HMODULE>(NULL), *mem_handle);

[krstnmnlsn, 2014/08/04 15:18:15]

Done.

+  }
+
+  void GetDiskModuleHandle(HMODULE* disk_handle) {
+    // Use the module handle to find the it on disk, then load as a file.
+    HMODULE module_handle = GetModuleHandle(kTestDllName);
+    ASSERT_TRUE(NULL != module_handle);

[grt (UTC plus 2), 2014/07/31 17:03:34]

    ASSERT_NE(static_cast<HMODULE>(NULL), module_handle);

[krstnmnlsn, 2014/08/04 15:18:15]

Done.

+
+    WCHAR module_path[MAX_PATH] = {};
+    DWORD length =
+        GetModuleFileName(module_handle, module_path, arraysize(module_path));
+    ASSERT_NE(length, arraysize(module_path));

[grt (UTC plus 2), 2014/07/31 17:03:34]

swap args. reason: the expected value comes first in ASSERT_EQ, so i think it's
a good idea to do the same for ASSERT_NE.

[krstnmnlsn, 2014/08/04 15:18:15]

Done.

+
+    ASSERT_TRUE(disk_dll_handle_.Initialize(base::FilePath(module_path)));
+    *disk_handle =
+        reinterpret_cast<HMODULE>(const_cast<uint8*>(disk_dll_handle_.data()));
+  }
+
+ private:

[grt (UTC plus 2), 2014/07/31 17:03:34]

not needed for tests

[krstnmnlsn, 2014/08/04 15:18:15]

Done.

+  DISALLOW_COPY_AND_ASSIGN(SafeBrowsingModuleVerifierTest);
+};
+
+TEST_F(SafeBrowsingModuleVerifierTest, CountBytesDiffInPtr) {
+  // Construct test pointers and try with CountBytesDiffInPtr.
+  // The first Bytes differ.
+  uintptr_t num_a = 0xFF;
+  uintptr_t num_b = 0x00;
+
+  // Any inbetween Bytes are identical.
+  int num_bytes_to_add = sizeof(num_a) - 2;
+  for (int i = 0; i < num_bytes_to_add; ++i) {
+    num_a <<= 8;
+    num_b <<= 8;
+    num_a += 0xFF;
+    num_b += 0xFF;
+  }
+
+  // The last Bytes differ.
+  num_a <<= 8;
+  num_b <<= 8;
+  num_a += 0x0F;
+  num_b += 0xFF;
+
+  EXPECT_EQ(2, CountBytesDiffInPtr(num_a, num_b));
+  EXPECT_EQ(2, CountBytesDiffInPtr(num_b, num_a));
+  EXPECT_EQ(0, CountBytesDiffInPtr(num_a, num_a));
+}
+
+TEST_F(SafeBrowsingModuleVerifierTest, VerifyModuleUnmodified) {
+  // Call VerifyModule before the module has been loaded, should fail.
+  EXPECT_EQ(MODULE_STATE_UNKNOWN, VerifyModule(kTestDllName));
+
+  // On loading, the module should be identical (up to relocations) in memory as
+  // on disk.
+  SetUpTestDllAndPEImages();
+  EXPECT_EQ(MODULE_STATE_UNMODIFIED, VerifyModule(kTestDllName));
+}
+
+TEST_F(SafeBrowsingModuleVerifierTest, VerifyModuleModified) {
+  // Confirm the module is identical in memory as on disk before we begin.
+  SetUpTestDllAndPEImages();
+  EXPECT_EQ(MODULE_STATE_UNMODIFIED, VerifyModule(kTestDllName));
+
+  uint8_t* mem_code_addr = NULL;
+  uint8_t* disk_code_addr = NULL;
+  uint32_t code_size = 0;
+  EXPECT_TRUE(GetCodeAddrsAndSize(*mem_peimage_ptr_,
+                                  *disk_peimage_ptr_,
+                                  &mem_code_addr,
+                                  &disk_code_addr,
+                                  &code_size));
+
+  // Edit the first byte of the code section of the module.
+  uint8_t new_val = (*mem_code_addr) + 1;
+  SIZE_T bytes_written = 0;
+  WriteProcessMemory(GetCurrentProcess(),
+                     mem_code_addr,
+                     reinterpret_cast<void*>(&new_val),
+                     1,
+                     &bytes_written);
+  EXPECT_EQ(1, bytes_written);
+
+  // VerifyModule should detect the change.
+  EXPECT_EQ(MODULE_STATE_MODIFIED, VerifyModule(kTestDllName));
+}
+
+}  // namespace safe_browsing