| Index: chrome/browser/safe_browsing/environment_data_collection_win_unittest.cc
|
| diff --git a/chrome/browser/safe_browsing/environment_data_collection_win_unittest.cc b/chrome/browser/safe_browsing/environment_data_collection_win_unittest.cc
|
| index 5c9f0b58ca09eb34bd1ea7a1913dc33e5b2a2a9d..b1ee0b3307f89dd4304bb6b599e2f22d1cea6563 100644
|
| --- a/chrome/browser/safe_browsing/environment_data_collection_win_unittest.cc
|
| +++ b/chrome/browser/safe_browsing/environment_data_collection_win_unittest.cc
|
| @@ -13,6 +13,8 @@
|
| #include "base/strings/utf_string_conversions.h"
|
| #include "base/test/test_reg_util_win.h"
|
| #include "base/win/registry.h"
|
| +#include "chrome/browser/safe_browsing/module_integrity_unittest_util_win.h"
|
| +#include "chrome/browser/safe_browsing/module_integrity_verifier_win.h"
|
| #include "chrome/browser/safe_browsing/path_sanitizer.h"
|
| #include "chrome/common/safe_browsing/csd.pb.h"
|
| #include "chrome_elf/chrome_elf_constants.h"
|
| @@ -167,3 +169,51 @@ TEST(SafeBrowsingEnvironmentDataCollectionWinTest, CollectDllBlacklistData) {
|
| std::string process_report_path = process_report.blacklisted_dll(0);
|
| EXPECT_EQ(path_expected, process_report_path);
|
| }
|
| +
|
| +TEST(SafeBrowsingEnvironmentDataCollectionWinTest, VerifyLoadedModules) {
|
| + // Load the test modules.
|
| + std::vector<base::ScopedNativeLibrary> test_dlls(
|
| + safe_browsing::kTestDllNamesCount);
|
| + for (size_t i = 0; i < safe_browsing::kTestDllNamesCount; ++i) {
|
| + test_dlls[i].Reset(LoadNativeLibrary(
|
| + base::FilePath(safe_browsing::kTestDllNames[i]), NULL));
|
| + }
|
| +
|
| + // Edit the first byte of the function exported by the first module.
|
| + HMODULE module_handle = NULL;
|
| + EXPECT_TRUE(
|
| + GetModuleHandleEx(0, safe_browsing::kTestDllNames[0], &module_handle));
|
| + uint8_t* export_addr = reinterpret_cast<uint8_t*>(
|
| + GetProcAddress(module_handle, safe_browsing::kTestExportName));
|
| + EXPECT_NE(reinterpret_cast<uint8_t*>(NULL), export_addr);
|
| +
|
| + uint8_t new_val = (*export_addr) + 1;
|
| + SIZE_T bytes_written = 0;
|
| + WriteProcessMemory(GetCurrentProcess(),
|
| + export_addr,
|
| + reinterpret_cast<void*>(&new_val),
|
| + 1,
|
| + &bytes_written);
|
| + EXPECT_EQ(1, bytes_written);
|
| +
|
| + safe_browsing::ClientIncidentReport_EnvironmentData_Process process_report;
|
| + safe_browsing::CollectModuleVerificationData(
|
| + safe_browsing::kTestDllNames,
|
| + safe_browsing::kTestDllNamesCount,
|
| + &process_report);
|
| +
|
| + // CollectModuleVerificationData should return the single modified module and
|
| + // its modified export. The other module, being unmodified, is omitted from
|
| + // the returned list of modules.
|
| + EXPECT_EQ(1, process_report.module_state_size());
|
| +
|
| + EXPECT_EQ(base::WideToUTF8(std::wstring(safe_browsing::kTestDllNames[0])),
|
| + process_report.module_state(0).name());
|
| + EXPECT_EQ(
|
| + safe_browsing::ClientIncidentReport_EnvironmentData_Process_ModuleState::
|
| + MODULE_STATE_MODIFIED,
|
| + process_report.module_state(0).modified_state());
|
| + EXPECT_EQ(1, process_report.module_state(0).modified_export_size());
|
| + EXPECT_EQ(std::string(safe_browsing::kTestExportName),
|
| + process_report.module_state(0).modified_export(0));
|
| +}
|
|
|
Chromium Code Reviews
Issue 440753002:
The incident reporting service now calls VerifyModule. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master