chrome/browser/safe_browsing/binary_integrity_service_win.cc - Issue 444123002: Adding a new delayed analysis that verify binaries signature.

Side by Side Diff: chrome/browser/safe_browsing/binary_integrity_service_win.cc

Issue 444123002: Adding a new delayed analysis that verify binaries signature. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@grt

Patch Set: Created 6 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« chrome/browser/safe_browsing/binary_integrity_service.cc ('K') | « chrome/browser/safe_browsing/binary_integrity_service.cc ('k') | chrome/browser/safe_browsing/binary_integrity_service_win_unittest.cc » ('j') | chrome/common/safe_browsing/csd.proto » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
(Empty)
	1 // Copyright 2014 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include "chrome/browser/safe_browsing/binary_integrity_service.h"

	6

	7 #include "base/callback.h"

	8 #include "base/files/file_path.h"

	9 #include "base/file_util.h"

	10 #include "base/logging.h"

	11 #include "base/path_service.h"

	12 #include "base/strings/stringprintf.h"

	13 #include "base/strings/utf_string_conversions.h"

	14 #include "chrome/browser/safe_browsing/binary_feature_extractor.h"

	15 #include "chrome/common/safe_browsing/csd.pb.h"

	16

	17 namespace safe_browsing {

	18

	19 void VerifyBinaryIntegrity(const AddIncidentCallback& callback) {

	20 scoped_refptr<BinaryFeatureExtractor> binary_feature_extractor(

	21 new BinaryFeatureExtractor());

	22

	23 // Hold to the same signature info instance until we use it in a report.
	robertshield 2014/08/07 14:57:24 s/Hold/Hold on/ s/Hold/Hold on/ pmonette_google.com 2014/08/07 21:29:29 Done. Show quoted text On 2014/08/07 14:57:24, robertshield wrote: > s/Hold/Hold on/ Done.
	24 scoped_ptr<ClientDownloadRequest_SignatureInfo> signature_info(

	25 new ClientDownloadRequest_SignatureInfo());
	mattm 2014/08/07 20:16:01 I think a new SignatureInfo needs to be created fo I think a new SignatureInfo needs to be created for each call to CheckSignature, or it needs to be cleared between calls, otherwise it looks like data from multiple calls could get mashed together. pmonette_google.com 2014/08/07 21:29:29 That is true. Done. Show quoted text On 2014/08/07 20:16:01, mattm wrote: > I think a new SignatureInfo needs to be created for each call to CheckSignature, > or it needs to be cleared between calls, otherwise it looks like data from > multiple calls could get mashed together. That is true. Done.
	26

	27 std::vector<base::FilePath> critical_binaries = GetCriticalBinariesPath();

	28 for (size_t i = 0; i < critical_binaries.size(); ++i) {

	29 base::FilePath binary_path(critical_binaries[i]);

	30 if (!base::PathExists(binary_path))

	31 continue;

	32

	33 binary_feature_extractor->CheckSignature(binary_path, signature_info.get());

	34

	35 // Only create a report if the signature is untrusted.

	36 if (!signature_info->trusted()) {

	37 scoped_ptr<ClientIncidentReport_IncidentData> incident_data(

	38 new ClientIncidentReport_IncidentData());

	39 ClientIncidentReport_IncidentData_BinaryIntegrityIncident*

	40 binary_integrity = incident_data->mutable_binary_integrity();

	41

	42 binary_integrity->set_file(base::WideToUTF8(binary_path.value()));
	grt (UTC plus 2) 2014/08/07 02:12:46 you can use binary_path.AsUTF8Unsafe() here you can use binary_path.AsUTF8Unsafe() here pmonette_google.com 2014/08/07 21:29:29 Done. Show quoted text On 2014/08/07 02:12:46, grt (no reviews Aug 9 - 27) wrote: > you can use binary_path.AsUTF8Unsafe() here Done.
	43 binary_integrity->set_allocated_signature(signature_info.release());

	44

	45 // Send the report.

	46 callback.Run(incident_data.Pass());

	47

	48 signature_info.reset(new ClientDownloadRequest_SignatureInfo());

	49 }

	50 }

	51 }

	52

	53 std::vector<base::FilePath> GetCriticalBinariesPath() {

	54 const wchar_t* const critical_binary_name[] = {
	grt (UTC plus 2) 2014/08/07 02:12:46 static static pmonette_google.com 2014/08/07 21:29:29 Done. Show quoted text On 2014/08/07 02:12:46, grt (no reviews Aug 9 - 27) wrote: > static Done.
	55 L"%ls\\chrome.dll", L"%ls\\chrome_elf.dll", L"chrome.exe",

	56 };

	57

	58 // Find where chrome.exe is installed.

	59 base::FilePath chrome_exe_dir;

	60 if (!PathService::Get(base::DIR_EXE, &chrome_exe_dir))

	61 NOTREACHED();

	62

	63 std::vector<base::FilePath> critical_binary;
	mattm 2014/08/07 20:16:01 critical_binaries? critical_binaries? pmonette_google.com 2014/08/07 21:29:29 Done. Show quoted text On 2014/08/07 20:16:01, mattm wrote: > critical_binaries? Done.
	64

	65 for (size_t i = 0; i < arraysize(critical_binary_name); ++i) {
	grt (UTC plus 2) 2014/08/07 02:12:46 i like the use of the array to build the output, b i like the use of the array to build the output, but i don't like that the array contains different kinds of items (some in the version dir, one that isn't) for which a single sprintf is used. i think it'd be cleaner to have something like: static const base::FilePath::CharType* const kUnversionedFiles[] = { FILE_PATH_LITERAL("chrome.exe"), }; static const base::FilePath::CharType* const kVersionedFIles[] = { FILE_PATH_LITERAL("chrome.dll"), FILE_PATH_LITERAL("chrome_elf.dll"), }; and then process these separately: critical_binary.reserve(arraysize(kUnversionedFIles) + arraysize(kVersionedFIles)); // append each unversioned file to chrome_exe_dir and push_back base::FilePath version_dir(chrome_exe_dir.Append(chrome_version)); // append each versioned file to version_dir and push_back pmonette_google.com 2014/08/07 21:29:28 Done. Show quoted text On 2014/08/07 02:12:46, grt (no reviews Aug 9 - 27) wrote: > i like the use of the array to build the output, but i don't like that the array > contains different kinds of items (some in the version dir, one that isn't) for > which a single sprintf is used. i think it'd be cleaner to have something like: > > static const base::FilePath::CharType* const kUnversionedFiles[] = { > FILE_PATH_LITERAL("chrome.exe"), > }; > static const base::FilePath::CharType* const kVersionedFIles[] = { > FILE_PATH_LITERAL("chrome.dll"), > FILE_PATH_LITERAL("chrome_elf.dll"), > }; > > and then process these separately: > > critical_binary.reserve(arraysize(kUnversionedFIles) + > arraysize(kVersionedFIles)); > // append each unversioned file to chrome_exe_dir and push_back > base::FilePath version_dir(chrome_exe_dir.Append(chrome_version)); > // append each versioned file to version_dir and push_back Done.
	66 base::string16 binary_name =

	67 base::StringPrintf(critical_binary_name[i], GetChromeVersion().c_str());
	grt (UTC plus 2) 2014/08/07 02:12:46 remove GetChromeVersion altogether and either use remove GetChromeVersion altogether and either use chrome::VersionInfo outside of the loop to get the version string, or #include "version.h" and use the macro CHROME_VERSION_STRING, which expands to a string literal. pmonette_google.com 2014/08/07 21:29:29 Went with the second suggestion. Show quoted text On 2014/08/07 02:12:46, grt (no reviews Aug 9 - 27) wrote: > remove GetChromeVersion altogether and either use chrome::VersionInfo outside of > the loop to get the version string, or #include "version.h" and use the macro > CHROME_VERSION_STRING, which expands to a string literal. Went with the second suggestion.
	68 critical_binary.push_back(chrome_exe_dir.Append(binary_name));

	69 }

	70

	71 return critical_binary;

	72 }

	73

	74 } // namespace safe_browsing

OLD	NEW