| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "chrome/browser/safe_browsing/binary_integrity_analyzer.h" | |
| 6 | |
| 7 #include <string> | |
| 8 | |
| 9 #include "base/bind.h" | |
| 10 #include "base/callback.h" | |
| 11 #include "base/file_util.h" | |
| 12 #include "base/metrics/histogram.h" | |
| 13 #include "base/strings/string_number_conversions.h" | |
| 14 #include "base/strings/string_util.h" | |
| 15 #include "base/strings/stringprintf.h" | |
| 16 #include "base/time/time.h" | |
| 17 #include "chrome/browser/browser_process.h" | |
| 18 #include "chrome/browser/safe_browsing/binary_feature_extractor.h" | |
| 19 #include "chrome/browser/safe_browsing/safe_browsing_service.h" | |
| 20 #include "chrome/common/safe_browsing/csd.pb.h" | |
| 21 | |
| 22 namespace safe_browsing { | |
| 23 | |
| 24 namespace { | |
| 25 | |
| 26 void RecordSignatureVerificationTime(size_t file_index, | |
| 27 const base::TimeDelta& verification_time) { | |
| 28 static const char kHistogramName[] = "SBIRS.VerifyBinaryIntegrity."; | |
| 29 | |
| 30 base::HistogramBase* signature_verification_time_histogram = | |
| 31 base::Histogram::FactoryTimeGet( | |
| 32 std::string(kHistogramName) + base::IntToString(file_index), | |
| 33 base::TimeDelta::FromMilliseconds(1), | |
| 34 base::TimeDelta::FromSeconds(20), | |
| 35 50, | |
| 36 base::Histogram::kUmaTargetedHistogramFlag); | |
| 37 | |
| 38 signature_verification_time_histogram->AddTime(verification_time); | |
| 39 } | |
| 40 | |
| 41 } // namespace | |
| 42 | |
| 43 void RegisterBinaryIntegrityAnalysis() { | |
| 44 #if defined(OS_WIN) | |
| 45 scoped_refptr<SafeBrowsingService> safe_browsing_service( | |
| 46 g_browser_process->safe_browsing_service()); | |
| 47 | |
| 48 safe_browsing_service->RegisterDelayedAnalysisCallback( | |
| 49 base::Bind(&VerifyBinaryIntegrity)); | |
| 50 #endif | |
| 51 } | |
| 52 | |
| 53 void VerifyBinaryIntegrity(const AddIncidentCallback& callback) { | |
| 54 scoped_refptr<BinaryFeatureExtractor> binary_feature_extractor( | |
| 55 new BinaryFeatureExtractor()); | |
| 56 | |
| 57 std::vector<base::FilePath> critical_binaries = GetCriticalBinariesPath(); | |
| 58 for (size_t i = 0; i < critical_binaries.size(); ++i) { | |
| 59 base::FilePath binary_path(critical_binaries[i]); | |
| 60 if (!base::PathExists(binary_path)) | |
| 61 continue; | |
| 62 | |
| 63 scoped_ptr<ClientDownloadRequest_SignatureInfo> signature_info( | |
| 64 new ClientDownloadRequest_SignatureInfo()); | |
| 65 | |
| 66 base::TimeTicks time_before = base::TimeTicks::Now(); | |
| 67 binary_feature_extractor->CheckSignature(binary_path, signature_info.get()); | |
| 68 RecordSignatureVerificationTime(i, base::TimeTicks::Now() - time_before); | |
| 69 | |
| 70 // Only create a report if the signature is untrusted. | |
| 71 if (!signature_info->trusted()) { | |
| 72 scoped_ptr<ClientIncidentReport_IncidentData> incident_data( | |
| 73 new ClientIncidentReport_IncidentData()); | |
| 74 ClientIncidentReport_IncidentData_BinaryIntegrityIncident* | |
| 75 binary_integrity = incident_data->mutable_binary_integrity(); | |
| 76 | |
| 77 binary_integrity->set_file_basename( | |
| 78 binary_path.BaseName().AsUTF8Unsafe()); | |
| 79 binary_integrity->set_allocated_signature(signature_info.release()); | |
| 80 | |
| 81 // Send the report. | |
| 82 callback.Run(incident_data.Pass()); | |
| 83 } | |
| 84 } | |
| 85 } | |
| 86 | |
| 87 #if !defined(OS_WIN) | |
| 88 std::vector<base::FilePath> GetCriticalBinariesPath() { | |
| 89 return std::vector<base::FilePath>(); | |
| 90 } | |
| 91 #endif // !defined(OS_WIN) | |
| 92 | |
| 93 } // namespace safe_browsing | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 470213002:
Moving all the incident reporting stuff to a common folder (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@binsign