
Unified Diff: chrome/browser/safe_browsing/environment_data_collection_win.cc

Issue 440753002: The incident reporting service now calls VerifyModule. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 6 years, 4 months ago
Index: chrome/browser/safe_browsing/environment_data_collection_win.cc
diff --git a/chrome/browser/safe_browsing/environment_data_collection_win.cc b/chrome/browser/safe_browsing/environment_data_collection_win.cc
index 4872b5411f153d9873916d733b972709f342fdc8..481a6356cc7a0b4c59750313b510c4db369db4cd 100644
--- a/chrome/browser/safe_browsing/environment_data_collection_win.cc
+++ b/chrome/browser/safe_browsing/environment_data_collection_win.cc
@@ -14,6 +14,7 @@
#include "chrome/browser/install_verification/win/module_info.h"
#include "chrome/browser/install_verification/win/module_verification_common.h"
#include "chrome/browser/net/service_providers_win.h"
+#include "chrome/browser/safe_browsing/module_integrity_verifier_win.h"
#include "chrome/browser/safe_browsing/path_sanitizer.h"
#include "chrome/common/safe_browsing/csd.pb.h"
#include "chrome_elf/chrome_elf_constants.h"
@@ -22,6 +23,14 @@ namespace safe_browsing {
namespace {
+// The modules on which we will run VerifyModule.
+const wchar_t* const kModulesToVerify[] = {
+ L"chrome.dll",
+ L"chrome_elf.dll",
+ L"ntdll.dll",
+ NULL,
grt (UTC plus 2) 2014/08/08 01:08:51 remove NULL
krstnmnlsn 2014/08/08 13:18:08 Done.
+};
+
// Helper function for expanding all environment variables in |path|.
std::wstring ExpandEnvironmentVariables(const std::wstring& path) {
static const DWORD kMaxBuffer = 32 * 1024; // Max according to MSDN.
@@ -102,11 +111,39 @@ void CollectDllBlacklistData(
}
}
+void CollectModuleVerificationData(
+ const wchar_t* const modules_to_verify[],
+ size_t num_modules_to_verify,
+ ClientIncidentReport_EnvironmentData_Process* process) {
+ for (size_t i = 0; i < num_modules_to_verify; ++i) {
+ std::set<std::string> modified_exports;
+ int modified = VerifyModule(modules_to_verify[i], &modified_exports);
grt (UTC plus 2) 2014/08/08 01:08:51 should this just continue when this returns MODULE
krstnmnlsn 2014/08/08 13:18:08 We don't need to send back the value no.
+
+ ClientIncidentReport_EnvironmentData_Process_ModuleState* module_state =
+ process->add_module_state();
+
+ module_state->set_name(
+ base::WideToUTF8(std::wstring(modules_to_verify[i])));
+ // Add 1 to the ModuleState enum to get the corresponding value in the
+ // protobuf's ModuleState enum.
+ module_state->set_modified_state(static_cast<
+ ClientIncidentReport_EnvironmentData_Process_ModuleState_ModifiedState>(
+ modified + 1));
+ for (std::set<std::string>::iterator it = modified_exports.begin();
+ it != modified_exports.end();
+ ++it) {
+ module_state->add_modified_export(*it);
+ }
+ }
+}
+
void CollectPlatformProcessData(
ClientIncidentReport_EnvironmentData_Process* process) {
CollectDlls(process);
RecordLspFeature(process);
CollectDllBlacklistData(process);
+ CollectModuleVerificationData(
+ kModulesToVerify, arraysize(kModulesToVerify), process);
}
} // namespace safe_browsing
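Review bot: The `static_cast<...ModifiedState>(modified + 1)` in CollectModuleVerificationData ties the protobuf enum's numbering to VerifyModule's return values, and only a comment holds the two together. If either enum is reordered or extended, the incident report will silently carry the wrong modified state for chrome.dll, chrome_elf.dll or ntdll.dll, and that state is the integrity signal this collection exists to deliver. The result is also held as a plain `int`, so an out-of-range value is cast straight into the proto field. I would map the states with an explicit `switch` over the verifier's enum, or at minimum guard the cast with the generated validator, e.g. `if (!ClientIncidentReport_EnvironmentData_Process_ModuleState_ModifiedState_IsValid(modified + 1)) continue;`. A compile-time assertion that the two enums stay offset by one would catch drift at build time.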
