| OLD | NEW |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/safe_browsing/environment_data_collection_win.h" | 5 #include "chrome/browser/safe_browsing/environment_data_collection_win.h" |
| 6 | 6 |
| 7 #include <windows.h> | 7 #include <windows.h> |
| 8 #include <set> | 8 #include <set> |
| 9 | 9 |
| 10 #include "base/i18n/case_conversion.h" | 10 #include "base/i18n/case_conversion.h" |
| 11 #include "base/strings/string_util.h" | 11 #include "base/strings/string_util.h" |
| 12 #include "base/strings/utf_string_conversions.h" | 12 #include "base/strings/utf_string_conversions.h" |
| 13 #include "base/win/registry.h" | 13 #include "base/win/registry.h" |
| 14 #include "chrome/browser/install_verification/win/module_info.h" | 14 #include "chrome/browser/install_verification/win/module_info.h" |
| 15 #include "chrome/browser/install_verification/win/module_verification_common.h" | 15 #include "chrome/browser/install_verification/win/module_verification_common.h" |
| 16 #include "chrome/browser/net/service_providers_win.h" | 16 #include "chrome/browser/net/service_providers_win.h" |
| 17 #include "chrome/browser/safe_browsing/module_integrity_verifier_win.h" |
| 17 #include "chrome/browser/safe_browsing/path_sanitizer.h" | 18 #include "chrome/browser/safe_browsing/path_sanitizer.h" |
| 18 #include "chrome/common/safe_browsing/csd.pb.h" | 19 #include "chrome/common/safe_browsing/csd.pb.h" |
| 19 #include "chrome_elf/chrome_elf_constants.h" | 20 #include "chrome_elf/chrome_elf_constants.h" |
| 20 | 21 |
| 21 namespace safe_browsing { | 22 namespace safe_browsing { |
| 22 | 23 |
| 23 namespace { | 24 namespace { |
| 24 | 25 |
| 26 // The modules on which we will run VerifyModule. |
| 27 const wchar_t* const kModulesToVerify[] = { |
| 28 L"chrome.dll", |
| 29 L"chrome_elf.dll", |
| 30 L"ntdll.dll", |
| 31 }; |
| 32 |
| 25 // Helper function for expanding all environment variables in |path|. | 33 // Helper function for expanding all environment variables in |path|. |
| 26 std::wstring ExpandEnvironmentVariables(const std::wstring& path) { | 34 std::wstring ExpandEnvironmentVariables(const std::wstring& path) { |
| 27 static const DWORD kMaxBuffer = 32 * 1024; // Max according to MSDN. | 35 static const DWORD kMaxBuffer = 32 * 1024; // Max according to MSDN. |
| 28 std::wstring path_expanded; | 36 std::wstring path_expanded; |
| 29 DWORD path_len = MAX_PATH; | 37 DWORD path_len = MAX_PATH; |
| 30 do { | 38 do { |
| 31 DWORD result = ExpandEnvironmentStrings( | 39 DWORD result = ExpandEnvironmentStrings( |
| 32 path.c_str(), WriteInto(&path_expanded, path_len), path_len); | 40 path.c_str(), WriteInto(&path_expanded, path_len), path_len); |
| 33 if (!result) { | 41 if (!result) { |
| 34 // Failed to expand variables. Return the original string. | 42 // Failed to expand variables. Return the original string. |
| (...skipping 60 matching lines...) |
| 95 PathSanitizer path_sanitizer; | 103 PathSanitizer path_sanitizer; |
| 96 base::win::RegistryValueIterator iter(HKEY_CURRENT_USER, | 104 base::win::RegistryValueIterator iter(HKEY_CURRENT_USER, |
| 97 blacklist::kRegistryFinchListPath); | 105 blacklist::kRegistryFinchListPath); |
| 98 for (; iter.Valid(); ++iter) { | 106 for (; iter.Valid(); ++iter) { |
| 99 base::FilePath dll_name(iter.Value()); | 107 base::FilePath dll_name(iter.Value()); |
| 100 path_sanitizer.StripHomeDirectory(&dll_name); | 108 path_sanitizer.StripHomeDirectory(&dll_name); |
| 101 process->add_blacklisted_dll(dll_name.AsUTF8Unsafe()); | 109 process->add_blacklisted_dll(dll_name.AsUTF8Unsafe()); |
| 102 } | 110 } |
| 103 } | 111 } |
| 104 | 112 |
| 113 void CollectModuleVerificationData( |
| 114 const wchar_t* const modules_to_verify[], |
| 115 size_t num_modules_to_verify, |
| 116 ClientIncidentReport_EnvironmentData_Process* process) { |
| 117 for (size_t i = 0; i < num_modules_to_verify; ++i) { |
| 118 std::set<std::string> modified_exports; |
| 119 int modified = VerifyModule(modules_to_verify[i], &modified_exports); |
| 120 |
| 121 if (modified == MODULE_STATE_UNMODIFIED) |
| 122 continue; |
| 123 |
| 124 ClientIncidentReport_EnvironmentData_Process_ModuleState* module_state = |
| 125 process->add_module_state(); |
| 126 |
| 127 module_state->set_name( |
| 128 base::WideToUTF8(std::wstring(modules_to_verify[i]))); |
| 129 // Add 1 to the ModuleState enum to get the corresponding value in the |
| 130 // protobuf's ModuleState enum. |
| 131 module_state->set_modified_state(static_cast< |
| 132 ClientIncidentReport_EnvironmentData_Process_ModuleState_ModifiedState>( |
| 133 modified + 1)); |
| 134 for (std::set<std::string>::iterator it = modified_exports.begin(); |
| 135 it != modified_exports.end(); |
| 136 ++it) { |
| 137 module_state->add_modified_export(*it); |
| 138 } |
| 139 } |
| 140 } |
| 141 |
| 105 void CollectPlatformProcessData( | 142 void CollectPlatformProcessData( |
| 106 ClientIncidentReport_EnvironmentData_Process* process) { | 143 ClientIncidentReport_EnvironmentData_Process* process) { |
| 107 CollectDlls(process); | 144 CollectDlls(process); |
| 108 RecordLspFeature(process); | 145 RecordLspFeature(process); |
| 109 CollectDllBlacklistData(process); | 146 CollectDllBlacklistData(process); |
| 147 CollectModuleVerificationData( |
| 148 kModulesToVerify, arraysize(kModulesToVerify), process); |
| 110 } | 149 } |
| 111 | 150 |
| 112 } // namespace safe_browsing | 151 } // namespace safe_browsing |
| OLD | NEW |
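Review bot: In CollectModuleVerificationData, the cast `static_cast<...ModifiedState>(modified + 1)` ties the meaning of the report to the numeric layout of two separately defined enums, and nothing in this file enforces that layout. If either enum gains or reorders a value, or VerifyModule returns something outside the expected range, the incident report would carry a wrong or invalid modification state for chrome.dll, chrome_elf.dll or ntdll.dll without any build failure. I would hold the result in the verifier's own enum type instead of `int` and convert it through a small file-local helper with an explicit `switch`, so the call becomes `module_state->set_modified_state(ToProtoModifiedState(modified));` (the helper name is a suggestion, not existing code). Failing that, compile-time assertions next to the cast that pin each pair of values would at least make drift break the build. A comment at `if (modified == MODULE_STATE_UNMODIFIED) continue;` stating that every other result, presumably including a verification that could not be completed, is reported would also help whoever reads this telemetry.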